PHPackages                             alkhwlani/xss-middleware - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Framework](/categories/framework)
4. /
5. alkhwlani/xss-middleware

ActiveLibrary[Framework](/categories/framework)

alkhwlani/xss-middleware
========================

A Laravel Middleware to filter user inputs from XSS and iframes and other embed elements.

4.1.2(1mo ago)5521.8k↑27.2%3MITPHPPHP ^8.1CI passing

Since Feb 23Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/salkhwlani/laravel-xss-middlware)[ Packagist](https://packagist.org/packages/alkhwlani/xss-middleware)[ RSS](/packages/alkhwlani-xss-middleware/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (9)Dependencies (18)Versions (13)Used By (0)

A XSS middleware for Laravel
============================

[](#a-xss-middleware-for-laravel)

[![Latest Version on Packagist](https://camo.githubusercontent.com/c4a04c47c76b8ceeed121cc3ea4b00a8c3768c6f4c2b79fc67ff349493004457/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f616c6b68776c616e692f7873732d6d6964646c65776172652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/alkhwlani/xss-middleware)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/e7bb66b02770fa477d1494d1dd995c2b03218f87be68ca62bb8ff6ad47cc7ec0/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f79656d656e69667265652f6c61726176656c2d7873732d6d6964646c776172652f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/yemenifree/laravel-xss-middlware)[![StyleCI](https://camo.githubusercontent.com/9c7b0a039659c170d76d445f5478aba68cb8af0116caf339e615d4886b7b32af/68747470733a2f2f7374796c6563692e696f2f7265706f732f3137323139343434302f736869656c643f6272616e63683d6d6173746572267374796c653d666c6174)](https://styleci.io/repos/172194440)[![Coverage Status](https://camo.githubusercontent.com/870ad67b9a60c6d85464149eaef11bff638b5445e666211c6135727a7b41ec89/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f636f7665726167652f672f79656d656e69667265652f6c61726176656c2d7873732d6d6964646c776172652e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/yemenifree/laravel-xss-middlware/code-structure)[![Quality Score](https://camo.githubusercontent.com/674d524656c87b56c144b9eccffd2c6374e301dea737e2b01173ee5487f60281/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f672f79656d656e69667265652f6c61726176656c2d7873732d6d6964646c776172652e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/yemenifree/laravel-xss-middlware)[![Total Downloads](https://camo.githubusercontent.com/a36f484a814bdf1df6ebf8cc31e1bdb9ecfa2f5df6646bf8087184ee82a6048e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f616c6b68776c616e692f7873732d6d6964646c65776172652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/alkhwlani/xss-middleware)

A Laravel middleware to cleaning all inputs/data of request from XSS and embed elements, its used [voku/anti-xss](https://github.com/voku/anti-xss) under the hood.

Support version
---------------

[](#support-version)

**Laravel****laravel-modules**5.8^1.06.X-8.X^2.09.X^3.010.X-13.X^4.0Install
-------

[](#install)

`composer require alkhwlani/xss-middleware`

Usage
-----

[](#usage)

That's it! by default package automatic register a global middleware to cleaning all string inputs for all requests.

if you are not using automatic package discovery, then add the service provider in `config/app.php`:

```
\Alkhwlani\XssMiddleware\ServiceProvider::class,
```

Optional
--------

[](#optional)

if you want customizes configuration you can publish the configuration

```
$ php artisan vendor:publish --provider="\Alkhwlani\XssMiddleware\ServiceProvider"
```

Then check the content of the published config file `config/xss-middleware.php`.

Testing
-------

[](#testing)

Run the tests with:

```
vendor/bin/phpunit
```

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](CONTRIBUTING.md) for details.

Security
--------

[](#security)

If you discover any security-related issues, please email  instead of using the issue tracker.

Credits
-------

[](#credits)

- [Salah Alkhwlani](https://github.com/yemenifree)
- [Graham Campbell](https://github.com/GrahamCampbell)
- [All Contributors](../../contributors)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](/LICENSE.md) for more information.

###  Health Score

60

—

FairBetter than 98% of packages

Maintenance93

Actively maintained with recent releases

Popularity41

Moderate usage in the ecosystem

Community14

Small or concentrated contributor base

Maturity76

Established project with proven stability

 Bus Factor1

Top contributor holds 66.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~265 days

Recently: every ~310 days

Total

11

Last Release

35d ago

Major Versions

1.0.2 → 2.0.02021-06-10

2.0.1 → 3.0.02023-01-01

3.0.1 → 4.0.02023-03-25

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/268311563?v=4)[salahalkhwlani](/maintainers/salahalkhwlani)[@salahalkhwlani](https://github.com/salahalkhwlani)

---

Top Contributors

[![salkhwlani](https://avatars.githubusercontent.com/u/10876587?v=4)](https://github.com/salkhwlani "salkhwlani (18 commits)")[![ossycodes](https://avatars.githubusercontent.com/u/55060799?v=4)](https://github.com/ossycodes "ossycodes (4 commits)")[![ahmedbally](https://avatars.githubusercontent.com/u/20849424?v=4)](https://github.com/ahmedbally "ahmedbally (3 commits)")[![alexeylivadnyi](https://avatars.githubusercontent.com/u/64726223?v=4)](https://github.com/alexeylivadnyi "alexeylivadnyi (1 commits)")[![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?v=4)](https://github.com/devin-ai-integration[bot] "devin-ai-integration[bot] (1 commits)")

---

Tags

laravelmiddlewaresecurityxss-attacksxss-filtermiddlewareframeworklaravelsecurityxssLaravel Securityfilter input

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/alkhwlani-xss-middleware/health.svg)

```
[![Health](https://phpackages.com/badges/alkhwlani-xss-middleware/health.svg)](https://phpackages.com/packages/alkhwlani-xss-middleware)
```

###  Alternatives

[laravel/socialite

Laravel wrapper around OAuth 1 &amp; OAuth 2 libraries.

5.7k108.5M885](/packages/laravel-socialite)[laravel/mcp

Rapidly build MCP servers for your Laravel applications.

77022.3M151](/packages/laravel-mcp)[psalm/plugin-laravel

Psalm plugin for Laravel

3355.3M346](/packages/psalm-plugin-laravel)[laravel/cashier

Laravel Cashier provides an expressive, fluent interface to Stripe's subscription billing services.

2.6k29.9M146](/packages/laravel-cashier)[laravel/scout

Laravel Scout provides a driver based solution to searching your Eloquent models.

1.7k55.0M618](/packages/laravel-scout)[laravel/pulse

Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application.

1.7k15.1M132](/packages/laravel-pulse)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
