HTML Purified

HTML Purified replaces the default WordPress comments filters with HTML Purifier, a super HTML filtering library.

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C’s specifications.

An additional feature of HTML Purifier is that it will produce valid well-formed XHTML code, something which KSES does not do.

Features:

• Configurable KSES or HTML Purifier
• Configurable list of HTML elements and attributes for both KSES and HTML purifier
• Additionally process comments with HTML Tidy
• URL blacklist
• Fully localized (and awaiting translations)
• Automatically escape PHP or anything inside backticks

HTML Purifier is available in:

• English
• Spanish, thanks to José Cuesta
• Belorussian, thanks to Marcis Gasuns
• Russian, thanks to Ilyuha
• Uzbekistan, thanks to Alexandra Bolshova
• Dutch, thanks to Pieter
• German, thanks to Andreas Beraz
• Polish, thanks to Kasia Ciszewski & Dawid Śpiechowicz
• Romanian, thanks to Alina @ InboxTranslations.com
• Lithuanian, thanks to Nata Strazda
• Ukranian, thanks to Iflexion Design

Documentation

Full documentation can be found on the HTML Purified page.