htmLawed is a highly customizable single-file PHP script to make text secure, standard and admin policy-compliant for use in the body of HTML 4, XHTML 1 or 1.1, or generic XML documents. It is thus a configurable input (X)HTML filter, processor, purifier, sanitizer, beautifier, etc., and an alternative to the HTMLTidy application.
The lawing in of input text is needed to ensure that HTML code in the text is standard-compliant, does not introduce security vulnerabilities, and does not break the aesthetics, design or layout of web-pages. htmLawed tries to do this by, for example, making HTML well-formed with balanced and properly nested tags, neutralizing code that may be used for cross-site scripting (XSS) attacks, and allowing only specified HTML elements/tags and attributes.
- Make HTML markup in text secure and standard-compliant
- Process text for use in HTML, XHTML or XML documents
- Restrict HTML elements, attributes or URL protocols using black- or white-lists
- Balance tags, check element nesting, transform deprecated attributes and tags, make relative URLs absolute, etc.
- Fast, highly customizable, well-documented
- Single, 47 kb file
- Simple HTML Tidy alternative
- Use to filter, secure & sanitize HTML in blog comments or forum posts, generate XML-compatible feed items from web-page excerpts, convert HTML to XHTML, pretty-print HTML, scrape web-pages, reduce spam, remove XSS code, etc.
Using htmLawed is as simple as it gets. You can either include() the htmLawed.php file or copy-paste the entire code. htmLawed should work with PHP 4.3 and higher.
htmLawed is free and open-source software licensed under GPL license version 3, and copyrighted by Santosh Patnaik. You can find further information, demo & download on htmLawed Websiter.