laravelgems/blade-escape
========================

Custom Blade directives to fight against XSS

Version 1.0.0 · MIT · PHP

[Source](https://github.com/laravelgems/blade-escape) · [Packagist](https://packagist.org/packages/laravelgems/blade-escape)

Blade Escape - fight against XSS
================================

Blade Escape is a service provider that extends `Blade` with custom directives and lets you use the `Laragems\Escape` library.

```

    @text($label)

Profile
Validate

    var username = "@js($username)";

```

Installation
------------

```
composer require laravelgems/blade-escape
```

After that, add the service provider to `config\app.php`:

```
        /*
         * Package Service Providers...
         */
         ...
         LaravelGems\BladeEscape\Providers\BladeEscapeServiceProvider::class,
         ...
```

HTML - @text($variable), safe
-----------------------------

```
@text($resume)
@text($bio)
```

HTML Attribute - @attr($variable), safe when following rules
------------------------------------------------------------

The attribute's value should be quoted. Use only with whitelisted attributes: align, alink, alt, bgcolor, border, cellpadding, cellspacing, class, color, cols, colspan, coords, dir, face, height, hspace, ismap, lang, marginheight, marginwidth, multiple, nohref, noresize, noshade, nowrap, ref, rel, rev, rows, rowspan, scrolling, shape, span, summary, tabindex, title, usemap, valign, value, vlink, vspace, width

URL Parameter - @param($variable), safe
---------------------------------------

```
Click Me
```

Javascript Parameter - @js($variable), safe when following rules
----------------------------------------------------------------

The value should be quoted. Avoid dangerous functions that evaluate a string as code (`eval` and so on); for example, `setTimeout("@js($variable)")` can be hacked!

```

    var username = "@js($variable)";

Click
```
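
Why the `setTimeout` warning above holds even when the value is escaped, as an added example (not code from the package): `jsEscape` is a hypothetical stand-in that applies the OWASP-style `\xHH` rule, and `renderAndRun` simulates the browser with a synchronous `setTimeout` stub and a constructed input.

```javascript
// Stand-in escaper (assumption: OWASP-style rule, not the package's code):
// every non-alphanumeric character becomes \xHH, \uHHHH or \u{...}.
function jsEscape(value) {
  return Array.from(String(value), (ch) => {
    if (/^[A-Za-z0-9]$/.test(ch)) return ch;
    const hex = ch.codePointAt(0).toString(16).toUpperCase();
    if (hex.length <= 2) return "\\x" + hex.padStart(2, "0");
    if (hex.length <= 4) return "\\u" + hex.padStart(4, "0");
    return "\\u{" + hex + "}";
  }).join("");
}

// Render a one-line script template (the "@js" marker is replaced with the
// escaped value) and run it. `state` plays the role of page state, and
// `setTimeout` is a synchronous stand-in for the browser timer, which
// compiles a string argument as code and calls a function argument.
function renderAndRun(template, value) {
  const state = { username: null, injected: false };
  const script = template.replace("@js", () => jsEscape(value));
  const timer = (arg) =>
    typeof arg === "function" ? arg() : new Function("state", arg)(state);
  new Function("state", "setTimeout", script)(state, timer);
  return { script, state };
}

// Constructed untrusted value: harmless as data, a statement if compiled.
const untrusted = "state.injected = true";

// Quoted string literal: the value stays data.
const quoted = renderAndRun('state.username = "@js";', untrusted);

// String handed to a timer: the literal decodes back to the raw value,
// which is then compiled and executed.
const evalSink = renderAndRun('setTimeout("@js");', untrusted);

// Corrected form: pass a function and keep the value inside a quoted literal.
const fixed = renderAndRun(
  'setTimeout(function () { state.username = "@js"; });', untrusted);

console.log(quoted.script);
console.log(quoted.state, evalSink.state, fixed.state);
```

The escaping is undone by the JavaScript parser when it reads the string literal, so any sink that then compiles that string sees the original input.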

CSS - @css($variable), safe when following rules
------------------------------------------------

The value should be surrounded by quotes. Avoid complex properties like `url`, `behavior` and custom ones (`-moz-binding`). Do not put untrusted data into IE's expression property value.

```

    .article { background-color: '@css($color)';}

```

**Must Read:** [OWASP - XSS Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet)

Don't like the names of the directives? OK, just change them in the published config.

### Community

Maintainer: [laravelgems](/maintainers/laravelgems)

Top contributor: [enkarito](https://github.com/enkarito) (1 commit)

