PHPackages jizuscreed/white-html-filter - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Search & Filtering](/categories/search) 4. / 5. jizuscreed/white-html-filter ActiveLibrary[Search & Filtering](/categories/search) jizuscreed/white-html-filter ============================ A lightweight php-based HTML tag and attribute whitelist filter. Fork of lincanbin/white-html-filter with three critical bugfixes v1.5(5y ago)06Apache-2.0PHPPHP >=5.3.0 Since Jul 18Pushed 5y agoCompare [ Source](https://github.com/jizuscreed/White-HTML-Filter)[ Packagist](https://packagist.org/packages/jizuscreed/white-html-filter)[ RSS](/packages/jizuscreed-white-html-filter/feed)WikiDiscussions master Synced 6d ago READMEChangelog (1)DependenciesVersions (10)Used By (0) White HTML Filter [![Build Status](https://camo.githubusercontent.com/f89a7ab7705f92085101cf90b355c4c10e6c3d6eba173c8be9291f707123cebd/68747470733a2f2f7472617669732d63692e6f72672f6c696e63616e62696e2f57686974652d48544d4c2d46696c7465722e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/lincanbin/White-HTML-Filter) ================================================================================================================================================================================================================================================================================================================================== [](#white-html-filter------) A php-based HTML tag and attribute whitelist filter. XSS filtering based on regular or textual replacement is not safe. This filter uses the DOMDocument based on `The Tokenization Algorithm`, which is more secure. Requirements ------------ [](#requirements) - PHP version 5.3.0 or higher. Installation ------------ [](#installation) Install this package via [Composer](https://getcomposer.org/). ``` composer require lincanbin/white-html-filter ``` Or edit your project's `composer.json` to require `lincanbin/white-html-filter` and then run `composer update`. ``` "require": { "lincanbin/white-html-filter": "~1.3" } ``` Usage ----- [](#usage) ### Basic Usage [](#basic-usage) > **Note:** You should have composer's autoloader included `require 'vendor/autoload.php'` (that's obvious.) Instantiate WhiteHTMLFilter object ``` use lincanbin\WhiteHTMLFilter; $html = outputHtml()); ``` ### Configuration [](#configuration) - Remove allowed tags ``` use lincanbin\WhiteHTMLFilter; $filter = new WhiteHTMLFilter(); $filter->config->removeAllAllowTag(); //Or $filter->config->removeFromTagWhiteList('div'); $filter->config->removeFromTagWhiteList(array("div", "table")); ``` - Add new allowed tags ``` use lincanbin\WhiteHTMLFilter; $filter = new WhiteHTMLFilter(); $filter->config->removeAllAllowTag(); $filter->config->modifyTagWhiteList(array( "img" => array("alt", "src", "height", "width"), "a" => array("href", "rel", "target", "download", "type") )); ``` - Modify allowed HTML global attributes ``` use lincanbin\WhiteHTMLFilter; $filter = new WhiteHTMLFilter(); $filter->config->WhiteListHtmlGlobalAttributes = array( "class", "style", "title", "data-*" ); ``` - Modify allowed css style (Leave blank to allow everything) ``` use lincanbin\WhiteHTMLFilter; $filter = new WhiteHTMLFilter(); $filter->config->WhiteListStyle = array( "color", "border", "background", "position" ); ``` - Modify allowed css class (Leave blank to allow everything) ``` use lincanbin\WhiteHTMLFilter; $filter = new WhiteHTMLFilter(); $filter->config->WhiteListCssClass = array( "container", "title", "sub-title", "sider-bar" ); ``` ### Use Custom Attribute Value Filter [](#use-custom-attribute-value-filter) ``` use lincanbin\WhiteHTMLFilter; $html = array( 'src' => $urlFilter, 'width', 'height', 'frameborder', 'allowfullscreen' ) ); $filter->loadHTML($html); $filter->clean(); var_dump($filter->outputHtml()); ``` Result: ``` ``` ### Default Filter Configuration [](#default-filter-configuration) - [See here](https://github.com/lincanbin/White-HTML-Filter/blob/master/src/WhiteHTMLFilterConfig.php) Donate for White HTML Filter ---------------------------- [](#donate-for-white-html-filter) - Alipay: [![Alipay](https://camo.githubusercontent.com/05e2b9dcd6554b07ca5779e40240ac22c2f8e7268b7c8808786fd72a1bdeb7c7/68747470733a2f2f7777772e393463622e636f6d2f75706c6f61642f646f6e6174655f736d616c6c2e706e67)](https://camo.githubusercontent.com/05e2b9dcd6554b07ca5779e40240ac22c2f8e7268b7c8808786fd72a1bdeb7c7/68747470733a2f2f7777772e393463622e636f6d2f75706c6f61642f646f6e6174655f736d616c6c2e706e67) - Wechat: [![Wechat](https://camo.githubusercontent.com/d812cd5f8f0ea237d6b30317a6b76abb23a28ecc5f7c1c24aefec9c782622f0c/68747470733a2f2f7777772e393463622e636f6d2f75706c6f61642f646f6e6174655f77656978696e5f736d616c6c2e706e67)](https://camo.githubusercontent.com/d812cd5f8f0ea237d6b30317a6b76abb23a28ecc5f7c1c24aefec9c782622f0c/68747470733a2f2f7777772e393463622e636f6d2f75706c6f61642f646f6e6174655f77656978696e5f736d616c6c2e706e67) - Paypal: License ------- [](#license) ``` Copyright 2017 Canbin Lin (lincanbin@hotmail.com) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ``` ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community8 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 92.6% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~229 days Recently: every ~286 days Total 6 Last Release 2080d ago PHP version history (2 changes)v1.0PHP >=5.1.0 v1.2PHP >=5.3.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/3ddd523b9ab6c401fc8ae46c7a40c1fbffebd9c06bcda14c485eef43deda1329?d=identicon)[jizuscreed](/maintainers/jizuscreed) --- Top Contributors [![lincanbin](https://avatars.githubusercontent.com/u/5785188?v=4)](https://github.com/lincanbin "lincanbin (50 commits)")[![jizuscreed](https://avatars.githubusercontent.com/u/13093236?v=4)](https://github.com/jizuscreed "jizuscreed (4 commits)") --- Tags htmlfilterxsswhitelist ### Embed Badge ![Health badge](/badges/jizuscreed-white-html-filter/health.svg) ``` [![Health](https://phpackages.com/badges/jizuscreed-white-html-filter/health.svg)](https://phpackages.com/packages/jizuscreed-white-html-filter) ``` ### Alternatives [htmlawed/htmlawed Official htmLawed PHP library for HTML filtering 401.1M9](/packages/htmlawed-htmlawed)[lincanbin/white-html-filter A lightweight php-based HTML tag and attribute whitelist filter. 1215.1k1](/packages/lincanbin-white-html-filter)[soosyze/kses An HTML/XHTML filter written in PHP. Checks on attribute values. Can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things. 1258.5k1](/packages/soosyze-kses)[bakame/html-table convert html table into a PHP data structure 113.0k](/packages/bakame-html-table) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)