Usage of ezyang/htmlpurifier package #3216
Replies: 2 comments 3 replies
-
|
It's used to sanitize string values being written to the HTML Writer, so that any html strings in a loaded file can't be used to inject malicious content into html output We have had a PR #2498 to replace it with the MIT licensed tgalopin/html-sanitizer; but a PR that failed a significant number of tests. As a relatively low priority change, I've made no effort to resolve those issues; but feel free to take a look at that PR and see if you can resolve the problems; or to submit a better alternative. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for reply. I'll take a look |
Beta Was this translation helpful? Give feedback.
-
|
Hi, did you managed to take a look, or perhaps solve it? We are facing the same issue with our product |
Beta Was this translation helpful? Give feedback.
-
|
Hi, here is PR #3695 |
Beta Was this translation helpful? Give feedback.
-
|
Closing. Resolved bu PR #3724. |
Beta Was this translation helpful? Give feedback.
-
Hi, You have ezyang/htmlpurifier dependency, but I couldn't find how do you exactly use it. This library has LGPL licence which is not very good for our project, so I am wondering is it possible to replace it with something similar
Beta Was this translation helpful? Give feedback.
All reactions