Documentation

HTML Purifier's documentation is organized by topic. New users should read the INSTALL file that comes with your HTML Purifier download. Any questions about HTML Purifier can be asked at the support forums (no registration required!)

For Advanced Users

P.S. HTML Purifier's source code is well documented and very readable. If a question of your isn't answered by any of the above resources, go to the source! (Or ask in the forums.)

Frequently Asked Questions

What does %HTML.Allowed mean?

The percent-dot format is a shorthand for HTML Purifier's configuration directives. It takes the form of %Namespace.Directive. For practical purposes, %HTML.Allowed translates into the following PHP code: 

$config->set('HTML', 'Allowed', $value);

How do I prevent foreign characters like ä from turning into ä?

This usually means that HTML Purifier is parsing your code as UTF-8, but your output encoding is something else. Read up this document on UTF-8 to learn how to fix this. (Short answer: use %Core.Encoding or switch to UTF-8.)

I can't use the target or name attribute in my a tags!

The target attribute has been deprecated for a long time, so I highly recommend you look at other ways of, say, opening new windows when you click a link (my favorites are “Don't do it!” or, if you must, JavaScript) But if you must, the %Attr.AllowedFrameTargets directive is what you are looking for.

The name attribute is dependent on IDs being enabled. See this document on enabling user IDs for more information.

Is HTML Purifier slow?

HTML Purifier isn't exactly light or speedy; this is a tradeoff for the power and security the library affords. You can combat this by reading Speeding up HTML Purifier or using the standalone version.

Miscellaneous