search

mewebstudio / Purifier

HTMLPurifier for Laravel 5/6/7/8/9/10/11
MIT License
1.88k stars 230 forks source link

How to add custom tags or HTML5 tags #32

Open nickground opened 8 years ago

nickground commented 8 years ago

Please show me how to add HTML 5 tags.

I need tags for figure and figcaption :(

AJenbo commented 8 years ago

This is the wrong package for you issue, you need to file it here instead: https://github.com/ezyang/htmlpurifier/issues (don't forget to close your issue)

mbeech commented 8 years ago

I think this is a valid issue. Here's how to add HTML5 elements directly using HTMLPurifier:

$config = HTMLPurifier_Config::createDefault();
if ($def = $config->maybeGetRawHTMLDefinition()) {
        $def->addElement('mark', 'Inline', 'Inline', 'Common');
        $def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common');
        $def->addElement('figcaption', 'Inline', 'Flow', 'Common');
        ...
}

But I can't figure out how do it using this package. Any pointers?

itbdw commented 8 years ago

@mewebstudio Here's how to add HTML5 elements directly using HTMLPurifier ...... can't figure out how do it using this package.

+1

CraigLovelock commented 8 years ago

@mewebstudio I am also trying to do this one. I need to add the figure element but want to use your package and config file.

itbdw commented 8 years ago

I found the ultimate solution, STOP USE THIS! Just use the official htmlpurifier

EASY TO USE AND EASY TO CONFIG.

For composer, you can follow https://packagist.org/packages/ezyang/htmlpurifier.

In laravel, you can do this.

  1. Just run composer require "ezyang/htmlpurifier": "dev-master"
  2. Add your class to wrap the package. Done!
<?php
namespace App\Libs;

class HTMLPurifier {
    private static $purifier;

    /**
     * @param $value
     * @return mixed
     */
    public static function clean($value) {
        return self::getPurifier()->purify($value);
    }

    /**
     * @return \HTMLPurifier
     */
    private static function getPurifier() {

        if (is_null(self::$purifier)) {
            //Find full HTML5 config : https://github.com/kennberg/php-htmlpurfier-html5
            $config = \HTMLPurifier_Config::createDefault();
            $config->set('HTML.Doctype', 'HTML 4.01 Transitional');
            $config->set('HTML.SafeIframe', true);

            // Set some HTML5 properties
            $config->set('HTML.DefinitionID', 'html5-definitions'); // unqiue id
            $config->set('HTML.DefinitionRev', 1);
            if ($def = $config->maybeGetRawHTMLDefinition()) {
                // http://developers.whatwg.org/the-video-element.html#the-video-element
                $def->addElement('video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', array(
                    'src'      => 'URI',
                    'type'     => 'Text',
                    'width'    => 'Length',
                    'height'   => 'Length',
                    'poster'   => 'URI',
                    'preload'  => 'Enum#auto,metadata,none',
                    'controls' => 'Bool',
                ));
            }
            self::$purifier = new \HTMLPurifier($config);

        }

        return self::$purifier;
    }

}

That code was changed from a Symfony example. http://stackoverflow.com/questions/28118222/html-purifier-remove-tinymce-html-5-video-tag

donavynelliott commented 7 years ago

@itbdw Thank you for this! I modified it to use middleware.

 <?php

namespace App\Http\Middleware;

use Closure;

class HTMLPurifier
{
    private static $purifier;

    /**
     * @param $value
     * @return mixed
     */
    public static function clean($value) {
        return self::getPurifier()->purify($value);
    }

    /**
     * @return \HTMLPurifier
     */
    private static function getPurifier() {

        if (is_null(self::$purifier)) {
            //Find full HTML5 config : https://github.com/kennberg/php-htmlpurfier-html5
            $config = \HTMLPurifier_Config::createDefault();
            $config->set('HTML.Doctype', 'HTML 4.01 Transitional');
            $config->set('HTML.SafeIframe', true);

            // Set some HTML5 properties
            $config->set('HTML.DefinitionID', 'html5-definitions'); // unqiue id
            $config->set('HTML.DefinitionRev', 1);
            if ($def = $config->maybeGetRawHTMLDefinition()) {
                // http://developers.whatwg.org/the-video-element.html#the-video-element
                $def->addElement('video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', array(
                    'src'      => 'URI',
                    'type'     => 'Text',
                    'width'    => 'Length',
                    'height'   => 'Length',
                    'poster'   => 'URI',
                    'preload'  => 'Enum#auto,metadata,none',
                    'controls' => 'Bool',
                ));
            }
            self::$purifier = new \HTMLPurifier($config);

        }

        return self::$purifier;
    }

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $to_clean = func_get_args();
        unset($to_clean[0], $to_clean[1]);

        foreach ($to_clean as $field) {
            $request->$field = $this->clean($request->$field);
        }

        return $next($request);
    }
}