Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.


edited November 2007 in Vanilla 1.0 Help
htmLawed is a single-file PHP software that makes input text secure and more standard-compliant, and suitable in general from the viewpoint of a web-page administrator, for use in the body of HTML 4, or XHTML 1 or 1.1 documents. It thus is a customizable HTML/XHTML filter, processor, purifier, sanitizer, etc., like the Kses, HTMLPurifier, etc., PHP scripts. htmLawed started as a modification of Ulf Harnhammar's Kses (version 0.2.2) sofware. It still follows the Kses way, and uses some of Ulf's code. htmLawed is compatible with code that uses Kses; Essentially its a souped up version of kses, a filter used by all the WYSIWYG extensions for vanilla this brings me to the same question again, Do we need a common html whitelist for all formatters or not.


  • Options
    speaking of whitelist, if you (or anyone, really) wanted to come up with a 'whitelist' appropriate for this forum of tags + allowed attributes (specific per tag), I could incorporate it into a 'use whitelist' option in the html formatter.

    ...not trying to compete with kses or anything, but I figured I might as well add a whitelist option into the html formatter.
This discussion has been closed.