HTML sanitisation is pretty important where user input is concerned; skipping it can easily let your users do some pretty funky things to your site.

The latest versions of the Known engine support a hook to call a sanitisation plugin when outputting bodies of text. The hook is called automatically whenever autop is called, but you can call it yourself if you want to.

Anyway, it would be remiss of me if I didn’t implement something that listened to this hook, so here’s a Known HTML sanitiser powered by HTML Purifier.

Check out the plugin, install and activate it in the usual way. Enjoy!

» Visit the project on GitHub...
