PHPackages yvan/purifier - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. yvan/purifier ActiveLibrary[Security](/categories/security) yvan/purifier ============= html purifier package for PHP v1.0.2(9y ago)116MITPHPPHP >=5.3 Since Apr 5Pushed 9y ago1 watchersCompare [ Source](https://github.com/Liu-Yvan/Purifier)[ Packagist](https://packagist.org/packages/yvan/purifier)[ Docs](https://github.com/Liu-Yvan/Purifier)[ RSS](/packages/yvan-purifier/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)Dependencies (1)Versions (4)Used By (0) HTMLPurifier ============ [](#htmlpurifier) **描述** 简单封装HTMLPurifier的富文本过滤器,自定义白名单机制,有效杜绝了用户提交表单中的非法HTML标签,从而可以防止XSS攻击! Laravel框架下的请参考: **安装** ``` sudo composer require "yvan/purifier" ``` **使用** ``` $params = [ 'one' => 'one', 'two' => 'alert(123);two', ]; $purifier = new \Yvan\Purifier\Purifier(); $result = $purifier->remove($params); print_r($result); ``` **打印结果:** ``` Array ( [one] => one [two] => two ) ``` **白名单配置** `路径:config\purifier.php` ``` return [ 'encoding' => 'utf-8', //编码 'finalize' => true, //固定 'cachePath' => '/cache/purifier', //缓存路径 'cacheFileMode' => 0755, 'settings' => [ 'default' => [ //默认配置 'HTML.Trusted' => true, //信任html元素,如form 'AutoFormat.RemoveEmpty' => true, //移除空 ], 'help' => [ //自定义配置 'HTML.AllowedElements' => 'p,span,img,a,strong,em,hr,br', //在受安全支持元素的范围下定义信任元素 'CSS.AllowedProperties' => 'background,background-attachment,background-clip,background-color,background-image,background-origin,background-position,background-repeat,background-size,border,border-box,border-bottom,border-bottom-color,border-bottom-left-radius,border-bottom-right-radius,border-bottom-style,border-bottom-width,border-collapse,border-color,border-image,border-image-outset,border-image-repeat,border-image-slice,border-image-source,border-image-width,border-left,border-left-color,border-left-style,border-left-width,border-radius,border-right,border-right-color,border-right-style,border-right-width,border-spacing,border-style,border-top,border-top-color,border-top-left-radius,border-top-right-radius,border-top-style,border-top-width,border-width,box-decoration-break,box-shadow,box-sizing,box-snap,box-suppress,break-after,break-before,break-inside,caption-side,clear,color,color-interpolation-filters,display,display-inside,display-list,display-outside,font,font-family,font-feature-settings,font-kerning,font-language-override,font-size,font-size-adjust,font-stretch,font-style,font-synthesis,font-variant,font-weight,height,letter-spacing,lighting-color,list-style,list-style-image,list-style-position,list-style-type,margin,margin-bottom,margin-left,margin-right,margin-top,max-height,max-lines,max-width,min-height,min-width,padding,padding-bottom,padding-left,padding-right,padding-top,text-align,text-align-last,text-decoration,text-decoration-color,text-decoration-line,text-decoration-skip,text-decoration-style,text-emphasis,text-height,text-indent,text-justify,text-orientation,text-overflow,text-shadow,text-space-collapse,text-transform,text-underline-position,text-wrap,width,word-break,word-spacing,word-wrap,z-index,right,left,top,bottom,cursor,line-break,size', 'AutoFormat.RemoveEmpty' => true, ], ], 'custom_definition' => [//自定义不受支持的元素和属性 'id' => 'definition_cache_id', //缓存ID、固定 'rev' => 1,//自增值,固定 'debug' => false,//false不打开调试,即不缓存 'elements' => [//自定义元素 ['section', 'Block', 'Flow', 'Common'], ['nav', 'Block', 'Flow', 'Common'], ['article', 'Block', 'Flow', 'Common'], ['aside', 'Block', 'Flow', 'Common'], ['header', 'Block', 'Flow', 'Common'], ['footer', 'Block', 'Flow', 'Common'], ['address', 'Block', 'Flow', 'Common'], ], 'attributes' => [//自定义属性 ['table', 'height', 'Text'], ['td', 'border', 'Text'], ['th', 'border', 'Text'], ['tr', 'width', 'Text'], ['tr', 'height', 'Text'], ['tr', 'border', 'Text'], ], ], ]; ``` **备注** 插件库默认只支持受信任的安全元素,其他元素需要在custom\_definition选项里面添加,如:添加nav元素,在custom\_definition.elements选项定义之后,若定义了HTML.AllowedElements选项还需把nav元素添加进去,表示允许信任这个元素。 自定义元素的规则: 受信任的安全元素列表,其他需自定义: ``` //受信任的的元素 'HTML.AllowedElements' => 'a,abbr,address,b,bdo,big,blockquote,br,caption,cite,code,col,colgroup,dd,del,div,dl,dt,em,font,h1,h2,h3,h4,h5,h6,hr,i,img,ins,li,ol,p,pre,s,small,span,sub,sup,strong,table,tbody,td,tfoot,th,thead,tr,tt,u,ul' //受信任的的属性 'CSS.AllowedProperties' => 'background,background-attachment,background-color,background-image,background-position,background-repeat,border,border-bottom,border-bottom-color,border-bottom-style,border-bottom-width,border-collapse,border-color,border-left,border-left-color,border-left-style,border-left-width,border-right,border-right-color,border-right-style,border-right-width,border-spacing,border-style,border-top,border-top-color,border-top-style,border-top-width,border-width,caption-side,clear,color,font,font-family,font-size,font-style,font-variant,font-weight,height,letter-spacing,list-style,list-style-image,list-style-position,list-style-type,margin,margin-bottom,margin-left,margin-right,margin-top,padding,padding-bottom,padding-left,padding-right,padding-top,text-align,text-decoration,text-indent,text-transform,width,word-spacing' ``` ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity7 Limited adoption so far Community7 Small or concentrated contributor base Maturity60 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 3 Last Release 3321d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f5542d660bafb65953fd7b7c00c382be3fc7a00e7ea7405dd5b8cf5e24368ac2?d=identicon)[yvan](/maintainers/yvan) --- Top Contributors [![Liu-Yvan](https://avatars.githubusercontent.com/u/11767987?v=4)](https://github.com/Liu-Yvan "Liu-Yvan (2 commits)") --- Tags htmlpurifierxsssecurityPurifierhtmlpurifierxss ### Embed Badge ![Health badge](/badges/yvan-purifier/health.svg) ``` [![Health](https://phpackages.com/badges/yvan-purifier/health.svg)](https://phpackages.com/packages/yvan-purifier) ``` ### Alternatives [mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M112](/packages/mews-purifier)[voku/anti-xss anti xss-library 72317.1M76](/packages/voku-anti-xss)[luketowers/purifier Laravel 5 HtmlPurifier Package 3280.0k9](/packages/luketowers-purifier)[xemlock/htmlpurifier-html5 HTML5 support for HTML Purifier 1052.9M11](/packages/xemlock-htmlpurifier-html5)[akaunting/laravel-firewall Web Application Firewall (WAF) package for Laravel 999465.8k2](/packages/akaunting-laravel-firewall) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)