HTML Purifier 3.0
Date : 2008 01 14 Category : Tech & Development
AjaxianHTML Purifier 3.0 has been released.
What is HTML Purifier?
HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C’s specifications.
What’s new in 3.0?
Release 3.0.0 is the first release of 2008 and also HTML Purifier’s first
PHP 5 only release.
The 2.1 series will still
be supported for bug and security fixes,
but will not get new features. This release a number of
improvements in CSS handling, including the filter
HTMLPurifier_Filter_ExtractStyleBlocks which integrates
HTML Purifier with
CSSTidy for cleaning style sheets
(see the source code file for more information on usage), contains
experimental support for
proprietary CSS properties with %CSS.Proprietary, case-insensitive
CSS properties, and more lenient hexadecimal color codes. Also, all code
has been upgraded to full PHP 5 and is
E_STRICT clean for all versions of PHP 5 (including the
5.0 series, which previously had parse-time errors).
You can run a live demo to see it at work.