PHPackages                             rancoud/security - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Testing &amp; Quality](/categories/testing)
4. /
5. rancoud/security

ActiveLibrary[Testing &amp; Quality](/categories/testing)

rancoud/security
================

Security package

4.0.1(2mo ago)013.4k↓38.6%21MITPHPPHP &gt;=8.4.0CI passing

Since Dec 4Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/rancoud/Security)[ Packagist](https://packagist.org/packages/rancoud/security)[ RSS](/packages/rancoud-security/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (10)Dependencies (4)Versions (29)Used By (1)

Security Package
================

[](#security-package)

[![Packagist PHP Version Support](https://camo.githubusercontent.com/70a8946e251f485791b4493245edd472aa444caf7db72b527523e2bb56073477/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f72616e636f75642f7365637572697479)](https://camo.githubusercontent.com/70a8946e251f485791b4493245edd472aa444caf7db72b527523e2bb56073477/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f72616e636f75642f7365637572697479)[![Packagist Version](https://camo.githubusercontent.com/83fd7ca288d3592cc7ca9a2f532b9162cebb0ebc1b3e876f2342701ddb70f09a/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f72616e636f75642f7365637572697479)](https://packagist.org/packages/rancoud/security)[![Packagist Downloads](https://camo.githubusercontent.com/1e55937d71ac57a0615431a3de4c317953bd6edc2ec065dd0dd73bcb70895bfd/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f72616e636f75642f7365637572697479)](https://packagist.org/packages/rancoud/security)[![Composer dependencies](https://camo.githubusercontent.com/aae95fbaa83bc6a3f4597f3a75da45ea46ec236fc324617f0e5a2f15e07fe750/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f646570656e64656e636965732d302d627269676874677265656e)](https://github.com/rancoud/Security/blob/master/composer.json)[![Test workflow](https://camo.githubusercontent.com/ce6a18167ff90820e37e166fb43fd0e5405614d4ce212336f43ea8f5985151d5/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f72616e636f75642f73656375726974792f746573742e796d6c3f6272616e63683d6d6173746572)](https://github.com/rancoud/security/actions/workflows/test.yml)[![Codecov](https://camo.githubusercontent.com/7ff4dd311ec9c0602cf84dc8061b98889740e1d922166906344f39fb1bcc48fa/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f6769746875622f72616e636f75642f73656375726974793f6c6f676f3d636f6465636f76)](https://codecov.io/gh/rancoud/security)

Escape string to output HTML (and JS).

Installation
------------

[](#installation)

```
composer require rancoud/security
```

How to use it?
--------------

[](#how-to-use-it)

```
use Rancoud\Security\Security;

// When you want to escape text for HTML output.
echo '' . Security::escHTML('alert("test");') . '' . "\n";
// -> &lt;script&gt;alert(&quot;test&quot;);&lt;&#47;script&gt;

// When you want to escape text for HTML attribute output.
echo 'alert("test");' . "\n";
// ->

// When you want to escape text for JS output.
echo 'const value = "' . Security::escJS('";alert("test");let a="') . '";' . "\n";
// -> const value = "\x22\x3Balert\x28\x22test\x22\x29\x3Blet\x20a\x3D\x22";

// When you want to escape text for URL output.
echo Security::escURL('https://example.com') . "\n";
// -> https%3A%2F%2Fexample.com

// When you want to escape text for CSS output.
echo 'body {background-color: ' . Security::escCSS('red;} body {background-image: url("https://example.com");') . '}' . "\n";
// -> body {background-color: red\3B \7D \20 body\20 \7B background\2D image\3A \20 url\28 \22 https\3A \2F \2F example\2E com\22 \29 \3B }

// Checks if charset is supported.
Security::isSupportedCharset('ISO-8859-15');
// -> true
Security::isSupportedCharset('foo');
// -> false
```

Security
--------

[](#security)

### Main functions

[](#main-functions)

Escapes text for HTML output.

```
public static function escHTML($text, string $charset = 'UTF-8'): string
```

Escapes text for HTML attribute output.

```
public static function escAttr($text, string $charset = 'UTF-8'): string
```

Escapes text for JS output.

```
public static function escJS($text, string $charset = 'UTF-8'): string
```

Escapes text for URL output.

```
public static function escURL($text, string $charset = 'UTF-8'): string
```

Escapes text for CSS output.

```
public static function escCSS($text, string $charset = 'UTF-8'): string
```

Checks if charset is supported.

```
public static function isSupportedCharset(string $charset): bool
```

Supported Charsets
------------------

[](#supported-charsets)

Charsets supported are only charsets shortlisted (see list below) which are also supported by mbstring extension.
[More info at PHP documentation](https://www.php.net/manual/en/mbstring.encodings.php) [and at the PHP libmbfl README](https://github.com/php/php-src/tree/master/ext/mbstring/libmbfl)

Charsets shortlisted:

- BIG5
- BIG5-HKSCS
- CP866
- CP932
- CP1251
- CP1252
- EUC-JP
- eucJP-win
- GB2312
- ISO-8859-1
- ISO-8859-5
- ISO-8859-15
- KOI8-R
- MacRoman
- Shift\_JIS
- SJIS
- SJIS-win
- UTF-8
- Windows-1251
- Windows-1252

How to Dev
----------

[](#how-to-dev)

`composer ci` for php-cs-fixer and phpunit and coverage
`composer lint` for php-cs-fixer
`composer test` for phpunit and coverage

###  Health Score

59

—

FairBetter than 99% of packages

Maintenance89

Actively maintained with recent releases

Popularity26

Limited adoption so far

Community16

Small or concentrated contributor base

Maturity89

Battle-tested with a long release history

 Bus Factor1

Top contributor holds 82.9% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~102 days

Recently: every ~116 days

Total

27

Last Release

64d ago

Major Versions

1.0.1 → 2.0.02020-05-09

2.0.4 → 3.0.02020-09-03

3.1.2 → 4.0.02025-04-20

PHP version history (3 changes)1.0.0PHP &gt;=7.2.0

2.0.0PHP &gt;=7.4.0

4.0.0PHP &gt;=8.4.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/829a536bd4f71cadcd0266e272ccaf413e3fc9f2937248c9a2317ef0bf2d25ee?d=identicon)[rancoud](/maintainers/rancoud)

---

Top Contributors

[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (243 commits)")[![rancoud](https://avatars.githubusercontent.com/u/1884186?v=4)](https://github.com/rancoud "rancoud (49 commits)")[![Godnite](https://avatars.githubusercontent.com/u/10619405?v=4)](https://github.com/Godnite "Godnite (1 commits)")

---

Tags

charsetcomposercoverageescaperpackagistphpphp84phpunitsecurity

###  Code Quality

TestsPHPUnit

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/rancoud-security/health.svg)

```
[![Health](https://phpackages.com/badges/rancoud-security/health.svg)](https://phpackages.com/packages/rancoud-security)
```

###  Alternatives

[phpspec/prophecy

Highly opinionated mocking framework for PHP 5.3+

8.5k551.7M682](/packages/phpspec-prophecy)[brianium/paratest

Parallel testing for PHP

2.5k118.8M754](/packages/brianium-paratest)[beberlei/assert

Thin assertion library for input validation in business models.

2.4k96.9M570](/packages/beberlei-assert)[mikey179/vfsstream

Virtual file system to mock the real file system in unit tests.

1.4k108.0M2.7k](/packages/mikey179-vfsstream)[orchestra/testbench

Laravel Testing Helper for Packages Development

2.2k39.1M32.1k](/packages/orchestra-testbench)[phpspec/phpspec

Specification-oriented BDD framework for PHP 7.1+

1.9k36.7M3.1k](/packages/phpspec-phpspec)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)