Categories

Updated: 05/06/2008

htmLawed

htmLawed is a single-file, ~45 kb PHP software that makes input text more secure and standard-compliant, and suitable in general from the viewpoint of a web-page administrator, for use in the body of HTML 4, or XHTML 1 or 1.1 documents. It thus is a customizable HTML/XHTML filter, processor, purifier, sanitizer, etc., like the ''Kses'', ''HTMLPurifier'', etc., PHP scripts. The ''lawing in'' of input text is needed to ensure that HTML code in the text is standard-compliant, does not introduce security vulnerabilities (like XSS), and does not break a web-page''s design/layout. htmLawed does this by, for example, making HTML well-formed with balanced and properly nested tags, neutralizing code that may be used for cross-site scripting (''XSS'') attacks, and allowing only specified HTML elements/tags and attributes. Compared to HTMLPurifier, htmLawed can deal with all HTML tags (HTML Purifier can not), is 15-20x smaller in file-size and memory consumption, 2-4x faster, and PHP 4-compatible.
©2003-2019 jCay.com