Software Details:
Version: 1.1.16 / 1.2 Beta 3
Upload Date: 20 Feb 15
Distribution Type: Freeware
Downloads: 18
htmLawed is a PHP code to filter & purify HTML code.
Features:
- make HTML markup in text more secure and standard-compliant
- processed text can be used in HTML, XHTML or XML documents
- restrict HTML elements, attributes, protocols, etc.
- balance tags, check element nesting, transform deprecated attributes and tags, convert relative to absolute URLs, etc.
- highly customizable
- single file of ~45 kb
- simple HTML Tidy alternative
- use to filter & sanitize HTML code submitted in blog comments, forum posts, etc., generate XML-compatible feed items from web-page excerpts, make old HTML code XHTML-compliant, pretty-print HTML, scrape web-pages, and so on
What is new in this release:
- This release has a fix for a potential security vulnerability arising from specially encoded space characters in URL schemes/protocols.
What is new in version 1.1.15:
- This version improves handling of whitespace during execution of the HTML tidying/beautifying behavior of htmLawed.
What is new in version 1.2 Beta 3:
- This version improves checking for valid nesting within the a element.
What is new in version 1.2 Beta 2:
- This is the current beta version for the upcoming version 1.2 of htmLawed with support for HTML5.
What is new in version 1.1.12:
- This version included a fix for a bug in identifying an unquoted value of the 'face' attribute during attribute transformation.
What is new in version 1.1.9.4:
- Parameter schemes now accepts ! so any URL, even a local one, can be denied. An issue in which a second URL value in style properties was not checked was fixed.
What is new in version 1.1.7:
- Attributes globally denied through deny_attribute can be allowed element-specifically through $spec;
- $config["style_pass"] allowing letting through any style value introduced;
- altered logic to catch certain types of dynamic crafted CSS expressions.
What is new in version 1.1.6:
- The logic was altered to catch dynamic CSS expressions with invalid syntax that might get executed by the IE browser.
What is new in version 1.1.5:
- The efficacy of a regular expression handling dynamic CSS expressions was improved.
Comments not found