Symfony HTML Sanitizer
An object-oriented PHP library for sanitizing untrusted HTML input to prevent XSS and other injection attacks.
What is Symfony HTML Sanitizer?
Symfony HtmlSanitizer is a PHP library that provides a configurable, object-oriented API to clean untrusted HTML input before it is inserted into a document's DOM. It helps prevent cross-site scripting (XSS) attacks and other security vulnerabilities by removing or neutralizing dangerous elements and attributes while preserving safe content. The component includes safe defaults based on W3C Sanitizer API standards and allows granular control over allowed HTML.
PHP developers, particularly those using the Symfony framework, who need to securely process user-generated HTML content in web applications, such as in CMS, forums, or comment systems.
Developers choose this component for its security-first design, fine-grained configurability for element and attribute control, and adherence to modern standards like the W3C Sanitizer API. It offers robust protection against XSS with flexible options for URL security, context-aware sanitization, and custom attribute sanitizers.
Overview
Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM.
Use Cases
Best For
- Securing user-generated HTML in Symfony-based applications to prevent XSS attacks.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
