What is HTML Purifier?
HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications.
What's new in 3.0?
Release 3.0.0 is the first release of 2008 and also HTML Purifier's first PHP 5 only release.
The 2.1 series will still be supported for bug and security fixes, but will not get new features. This release a number of improvements in CSS handling, including the filter
HTMLPurifier_Filter_ExtractStyleBlockswhich integrates HTML Purifier with
CSSTidy for cleaning style sheets (see the source code file for more information on usage), contains experimental support for proprietary CSS properties with %CSS. Proprietary, case-insensitive CSS properties, and more lenient hexadecimal color codes. Also, all code has been upgraded to full PHP 5 and isE_STRICTclean for all versions of PHP 5 (including the 5.0 series, which previously had parse-time errors).
You can run a live demo to see it at work.
