artabro/wire/modules/Markup/MarkupHTMLPurifier/README.md

41 lines
1.8 KiB
Markdown
Raw Permalink Normal View History

2024-08-27 11:35:37 +02:00
# HTML Purifier module for ProcessWire
HTML sanitization and validation for ProcessWire. Serves as a front-end to the [HTML Purifier](http://htmlpurifier.org) software.
From htmlpurifier.org:
> "HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications."
## Usage
```
$purifier = $modules->get('MarkupHTMLPurifier');
$cleanHTML = $purifier->purify($dirtyHTML);
```
To specify custom settings to HTML Purifier, perform set() calls before calling purify(). For example, UTF-8 encoding is assumed, so if you wanted ISO-8859-1 instead, you'd do:
```
$purifier->set('Core.Encoding', 'ISO-8859-1');
```
[Full list of HTML Purifier config options](http://htmlpurifier.org/live/configdoc/plain.html)
## Install
- Place the files from this module in /site/modules/MarkupHTMLPurifier/
- In ProcessWire Admin > Modules, click *check for new modules*, and click *install*.
## Updates
The version number of this module represents the version number of HTML Purifier. I will do my best to keep this module up-to-date with the HTML Purifier version. But before installing this module, you may want to check if a newer version of the HTML Purifier software is available from the [HTML Purifier downloads](http://htmlpurifier.org/download) page.
We are using the *standalone* distribution of HTML Purifier. To update it, download the latest standalone distribution and replace the `htmlpurifier` directory with the new version you downloaded.
------
HTML Purifier by Edward Z. Yang (http://htmlpurifier.org)
ProcessWire module by Ryan Cramer (http://processwire.com)