[wp-hackers] kses vs HTMP Purifier

Per Soderlind per at soderlind.no
Mon Jan 8 10:15:28 GMT 2007


> 
> > On 7 Jan 2007, at 22:50, Per Soderlind wrote:
> >
> > >
> > > Have anyone here looked at HTML Purifier (http://hp.jpsband.org/)?
> > >
> > > You'll find the comparison at:
> http://hp.jpsband.org/comparison.html
> > >
> >
> >
> > The main issue I have with it is the whitelist isn't user-definable -
> > a major issue, IMO.
> >
> > - Geoffrey Sneddon
> 
> I think you're wrong (if 'it' = HTML Purifier), as far as I can see the
> whitelist is user-definable.
> 
I'd like to follow up on this one, according to their doc, you can create a
whitelist using HTML.AllowedElements and HTML.AllowedAttributes: 
http://hp.jpsband.org/live/configdoc/plain.html#HTML.AllowedElements

There are (sample) plugins for MODx and Drupal at:
http://hp.jpsband.org/#Plugins

Note: I'm not saying HTML Purifier is better than kses, I'm asking; it is ?

Kind regards,
Per



More information about the wp-hackers mailing list