htmLawed is a PHP script to process text with HTML markup to make it more compliant with HTML standards and administrative policies. It works by making HTML well-formed with balanced and properly nested tags, neutralizing code that may be used for cross-site scripting (XSS) attacks, allowing only specified HTML tags and attributes and URL protocols through black- or white-lists. It can also tidy/pretty-print HTML, make relative URLs absolute, check for spam, etc. It is small (single file of ~50 kb), fast, highly customizable, extensible and well-documented, and a simple alternative to the HTML Tidy application.
1.1.2010 Jun 2015 18:17
Fix for a potential security vulnerability arising from unescaped double-quote character in single-quoted attribute value of some deprecated elements when tag transformation is enabled; recognition for non-(HTML4) standard 'allowfullscreen' attribute of 'iframe.'
1.1.1919 Jan 2015 19:26
Fix for a bug in cleaning of soft-hyphens in URL values, etc.
1.1.1802 Aug 2014 14:07
Fix for a potential security vulnerability arising from specially encoded text with serial opening tags.