PHPackages gplcart/xss - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. gplcart/xss ActiveGplcart-module[Security](/categories/security) gplcart/xss =========== Simple XSS filter with the ability to preserve some HTML tags 011PHP Since Mar 10Pushed 8y agoCompare [ Source](https://github.com/gplcart/xss)[ Packagist](https://packagist.org/packages/gplcart/xss)[ RSS](/packages/gplcart-xss/feed)WikiDiscussions master Synced 2d ago READMEChangelogDependenciesVersions (1)Used By (1) [![Build Status](https://camo.githubusercontent.com/7a43954524a878b9d7f1f6dc353930ba2e57981932cd62e2d4a44b034866f668/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f67706c636172742f7873732f6261646765732f6275696c642e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/gplcart/xss/build-status/master)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/03637edc531391863e1699978a41ceab75d07f94937cfa881dd3c9ffed7bdb4c/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f67706c636172742f7873732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/gplcart/xss/?branch=master) XSS filter is a [GPL Cart](https://github.com/gplcart/gplcart) module that intended to protect site visitors from XSS vulnerabilities. Essentially it filters out all dangerous tags and entities from HTML passed into `$this->filter()` function in theme templates. Administrators can decide which tags should be kept in the filtered text. **Installation** 1. Download and extract to `system/modules` manually or using composer `composer require gplcart/xss`. IMPORTANT: If you downloaded the module manually, be sure that the name of extracted module folder doesn't contain a branch/version suffix, e.g `-master`. Rename if needed. 2. Go to `admin/module/list` end enable the module 3. Adjust list of allowed tags at `admin/module/settings/xss` ### Health Score 19 — LowBetter than 10% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity1 Limited adoption so far Community8 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/ad45895ef2d2867dc5294b7581948c79eef568001241d98eaf631bfe9fadeb63?d=identicon)[gplcart](/maintainers/gplcart) --- Top Contributors [![gplcart](https://avatars.githubusercontent.com/u/16158956?v=4)](https://github.com/gplcart "gplcart (3 commits)") --- Tags ecommercegplcartgplcart-modulephpsecurityshopping-cartxssxss-filter ### Embed Badge ![Health badge](/badges/gplcart-xss/health.svg) ``` [![Health](https://phpackages.com/badges/gplcart-xss/health.svg)](https://phpackages.com/packages/gplcart-xss) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)