2.0.0 Released

HTML Purifier 2.0 is the culmination of two major architectural changes. The first is Tidy, which enables HTML Purifier to both natively support deprecated elements and also convert them to standards-compliant alternatives. The second is the Advanced API, which enables users to create new elements and attributes with ease. Keeping in line with a commitment to high quality, there are also five esoteric bug-fixes and a plethora of subtle improvements that enhance the library.

What is HTML Purifier?

HTML Purifier is a standards-compliant HTML filter written in PHP. Because it uses whitelists and a comprehensive knowledge of the HTML specification, it is bullet-proof against XSS, fixes malformed input rather than reject it, and is open and extensible. Don't take my word for it: try the demo or read how HTML Purifier compares to other libraries.

What is Tidy?

While Tidy may remind of HTMLTidy, our Tidy has nothing to do with Dave Raggett's library. Previously, HTML Purifier was really fussy about deprecated elements and always tried to convert them to standards-compliant alternatives. Now, you can pick: stay with the deprecated (but valid) elements or clean them up! Read more about it in the Tidy documentation.

What is the Advanced API?

The Advanced API is a powerful new interface users can use to customize HTML Purifier with their own custom attributes and elements. Read more about it in the customization documentation.

Backwards-incompatible changes

There are a few behavioral changes that may break code written for esoteric features of the previous versions:

I take backwards-compatibility very seriously, so if you have any problems pop on over to the forums and I'll do whatever I can to help you.

What is new?

Tidy and the Advanced API are all fine and dandy, but they're aimed towards the advanced user. HTML Purifier 2.0.0 also has a number of extra features that target the common guy too! Here are the more notable ones:

As usual, you can see a full list of changes, bugfixes and other miscellanea in News.

Spread the word!

Used HTML Purifier and liked it? Interested but will investigate later? Disbelieving at the prospect of bullet-proof XSS protection? Whatever your thoughts, help spread the word!