End User Submitted Markup

Matt Farina edited this page Nov 1, 2013 · 1 revision

When end users of a website or web application submit markup that will be displayed back to other users, that markup needs to be sanitized first. For example, it's usually not appropriate to display a script tag, as that could lead to script injection security issues.

html5-php is not an appropriate tool to use for this form of filtering. Neither is the PHP DOMDocument system provided by libxml.

If you need this form of filtering, please look into tools such as HTML Purifier, which can be installed via Composer from Packagist.
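The difference between parsing and filtering, shown as an added example that is not part of the original wiki page or the html5-php project. It assumes both libraries were installed with `composer require masterminds/html5 ezyang/htmlpurifier`; the sample markup and the allowlist are constructed for illustration.

```php
<?php
// Added example: html5-php round trip vs. HTML Purifier allowlist filtering.
// Assumes vendor/autoload.php exists (see the composer command above).
require __DIR__ . '/vendor/autoload.php';

use Masterminds\HTML5;

// Constructed sample of user-submitted markup.
$submitted = '<p onclick="track()">Hello <b>world</b></p>'
           . '<script>alert(1)</script>'
           . '<a href="javascript:alert(2)">link</a>';

// 1. html5-php is a parser and serializer. It applies no allowlist, so
//    whatever was parsed (script elements, event-handler attributes,
//    javascript: URLs) is written back out on serialization.
$html5        = new HTML5();
$fragment     = $html5->loadHTMLFragment($submitted);
$roundTripped = $html5->saveHTML($fragment);

// 2. HTML Purifier filters against an explicit allowlist of elements,
//    attributes and URI schemes; everything else is dropped.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Allowed', 'p,b,i,em,strong,ul,ol,li,a[href]');
$config->set('URI.AllowedSchemes', [
    'http'   => true,
    'https'  => true,
    'mailto' => true,
]);
// Keep the definition cache out of vendor/, which may be read-only.
$config->set('Cache.SerializerPath', sys_get_temp_dir());

$purifier = new HTMLPurifier($config);
$clean    = $purifier->purify($submitted);

echo "html5-php round trip (unfiltered):\n", $roundTripped, "\n\n";
echo "HTML Purifier output (safe to display):\n", $clean, "\n";
```

Only the `$clean` string should ever be echoed into a page; store the original submission separately if it is needed for later re-filtering.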
