diff --git a/application/helpers/html_helper.php b/application/helpers/html_helper.php
index c3edcf3a..785518ec 100644
--- a/application/helpers/html_helper.php
+++ b/application/helpers/html_helper.php
@@ -178,3 +178,21 @@ if (!function_exists('slot')) {
}
}
}
+
+if (!function_exists('pure_html')) {
+ /**
+ * Use this function in order to render HTML that comes from a text editor or similar, but strip the JS from it.
+ *
+ * @param string $markup
+ *
+ * @return string
+ */
+ function pure_html(string $markup): string
+ {
+ $config = HTMLPurifier_Config::createDefault();
+
+ $purifier = new HTMLPurifier($config);
+
+ return $purifier->purify($markup);
+ }
+}
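Review bot: `pure_html()` builds a new `HTMLPurifier_Config` and `HTMLPurifier` on every call and leaves `Cache.SerializerPath` at its default, which as far as I know points inside the library's own directory under `vendor/`. Where that tree is read-only, the purifier will likely emit a warning and rebuild its definitions on each call. I would keep one instance in a `static` and point the serializer cache at an application-writable directory, as sketched below (the path variable is a placeholder). The docblock also undersells the contract: the default configuration is an allowlist filter rather than only a script stripper, and its output is safe for HTML element content only, so it should tell callers to output the result as-is there and not to reuse it inside an attribute or script block. If the editor emits only a small set of tags, pinning them with `HTML.Allowed` would keep the policy from drifting with the library's defaults.

```php
function pure_html(string $markup): string
{
    // Build the purifier once per request; setting up its definitions is the costly part.
    static $purifier = null;

    if ($purifier === null) {
        $config = HTMLPurifier_Config::createDefault();
        // $serializer_cache_path is a placeholder: use a directory the application can write to.
        $config->set('Cache.SerializerPath', $serializer_cache_path);
        $purifier = new HTMLPurifier($config);
    }

    return $purifier->purify($markup);
}
```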
diff --git a/composer.json b/composer.json
index f175ec06..2be97738 100644
--- a/composer.json
+++ b/composer.json
@@ -40,7 +40,8 @@
"monolog/monolog": "^2.8.0",
"google/apiclient": "^2.12.6",
"guzzlehttp/guzzle": "^7.5.0",
- "sabre/vobject": "^4.5"
+ "sabre/vobject": "^4.5",
+ "ezyang/htmlpurifier": "^4.17"
},
"require-dev": {
"roave/security-advisories": "dev-master",
diff --git a/composer.lock b/composer.lock
index 1c5ab47d..508b4c85 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,8 +4,69 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "42334bbe254b633b82b51280317f82a9",
+ "content-hash": "f9e5d7652965f4a744ffe0112e9e419c",
"packages": [
+ {
+ "name": "ezyang/htmlpurifier",
+ "version": "v4.17.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/ezyang/htmlpurifier.git",
+ "reference": "bbc513d79acf6691fa9cf10f192c90dd2957f18c"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/bbc513d79acf6691fa9cf10f192c90dd2957f18c",
+ "reference": "bbc513d79acf6691fa9cf10f192c90dd2957f18c",
+ "shasum": ""
+ },
+ "require": {
+ "php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0"
+ },
+ "require-dev": {
+ "cerdic/css-tidy": "^1.7 || ^2.0",
+ "simpletest/simpletest": "dev-master"
+ },
+ "suggest": {
+ "cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.",
+ "ext-bcmath": "Used for unit conversion and imagecrash protection",
+ "ext-iconv": "Converts text to and from non-UTF-8 encodings",
+ "ext-tidy": "Used for pretty-printing HTML"
+ },
+ "type": "library",
+ "autoload": {
+ "files": [
+ "library/HTMLPurifier.composer.php"
+ ],
+ "psr-0": {
+ "HTMLPurifier": "library/"
+ },
+ "exclude-from-classmap": [
+ "/library/HTMLPurifier/Language/"
+ ]
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "LGPL-2.1-or-later"
+ ],
+ "authors": [
+ {
+ "name": "Edward Z. Yang",
+ "email": "admin@htmlpurifier.org",
+ "homepage": "http://ezyang.com"
+ }
+ ],
+ "description": "Standards compliant HTML filter written in PHP",
+ "homepage": "http://htmlpurifier.org/",
+ "keywords": [
+ "html"
+ ],
+ "support": {
+ "issues": "https://github.com/ezyang/htmlpurifier/issues",
+ "source": "https://github.com/ezyang/htmlpurifier/tree/v4.17.0"
+ },
+ "time": "2023-11-17T15:01:25+00:00"
+ },
{
"name": "firebase/php-jwt",
"version": "v6.10.0",
@@ -4215,7 +4276,7 @@
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
- "php": ">=8.0",
+ "php": ">=8.1",
"ext-curl": "*",
"ext-json": "*",
"ext-mbstring": "*",