htmlpurifier

HTMLPurifier allowing blockquote and ins tag with cite


I want the following tags to be allowed in HTMLPurifier. For example:

<ins cite="blog.html"></ins>
<blockquote cite="https://www.google.com/"></blockquote>

Thank you


Solution

  • You can add additional tags and attributes to the allowed list. For example, to add blockquote and ins tags with the cite attribute:

     $config = HTMLPurifier_Config::createDefault();
     $def = $config->getHTMLDefinition(true);
     $def->addElement('blockquote', 'Block', 'Flow', 'Common', ['cite' => 'URI']);
     $def->addElement('ins', 'Inline', 'Flow', 'Common', ['cite' => 'URI']);
     $purifier = new HTMLPurifier($config);
    

    Now, when you use this $purifier instance to purify HTML, it will allow the cite attribute for both blockquote and ins tags in addition to the default allowed tags and attributes.

    Remember to customize the allowed elements and attributes carefully to match your specific use case and security requirements. Always validate and sanitize user input to prevent XSS attacks and other security vulnerabilities in your application.