Htmlfilter for PHP

This is a set of PHP routines to make sure that untrusted HTML code is safe to display in an end-user's browser. This filter was originally developed for SquirrelMail, but now has a life of its own, as it is used widely outside the initial project.

Maintainer

Htmlfilter was written and is currently maintained by Konstantin Riabitsev <icon.[at].linux.duke.edu>.

Bug Reports

Please use the bugzilla to report a bug or an overlooked vulnerability. Choose "htmlfilter" as the name of the component.

License and Copyright

This software is copyright © 2002-2005 by Duke University. It is available to you under the terms of the GNU LGPL.

Usage

This is a library, so check out the comments in htmlfilter.inc and ponder the example code in samplefilter.php, which is a blacklist-based filter that attempts to prevent attacks and mostly succeeds. (I say "mostly" because you never know what they may think of next.)

Download (ChangeLog)

Current version is htmlfilter-1.1.2 (diff to htmlfilter-1.1.1).

Test-drive*

Test the current version and see if you find any problems [htmlfilter.inc, samplefilter.php]


* The server is a dual P3-933 running on CentOS 4.