HTML Purifier is a standards-compliant HTML filter written in PHP. Because it uses whitelists and a comprehensive knowledge of the HTML specification, it is bullet-proof against XSS, fixes malformed input rather than rejecting it, and is open and extensible. The 2.0.0 release lets users customize HTML Purifier's tag sets more easily than ever before.

June 22, 2007
News