Security Core was created by, and is maintained by Graham Campbell, wrapper of voku/anti-xss for general use. Laravel wrappers for this package exist as Laravel Security and Laravel Binput. Feel free to check out the change log, releases, security policy, license, code of conduct, and contribution guidelines.
Security Core requires PHP 7.2-8.1.
To get the latest version, simply require the project using Composer:
$ composer require "graham-campbell/security-core:^3.1"
V1 was a port of the security class from CodeIgniter 3. CodeIgniter 4 will not be keeping this class, and so V2/3 now functions as a wrapper of voku/anti-xss, which superseeds CodeIgniter's security class.
To sanitize your string, simply call the
clean method on the
<?php use GrahamCampbell\SecurityCore\Security; // $clean = '<span/>X</span>'; $clean = Security::create()->clean('<span/onmouseover=confirm(1)>X</span>');
If you discover a security vulnerability within this package, please send an email to [email protected]. All security vulnerabilities will be promptly addressed. You may view our full security policy here.
Security Core is licensed under The MIT License (MIT).
Available as part of the Tidelift Subscription
The maintainers of
graham-campbell/security-core and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. Learn more.