Subscribe: SourceForge.net: SF.net Project News: kses - PHP HTML/XHTML filter
http://sourceforge.net/export/rss2_projnews.php?group_id=81853
Preview: SourceForge.net: SF.net Project News: kses - PHP HTML/XHTML filter

Recent changes to news



Recent changes to news



Last Build Date: Mon, 07 Feb 2005 03:03:12 -0000

 



kses 0.2.2 out now

Mon, 07 Feb 2005 03:03:12 -0000

kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks. It is used by popular programs such as WordPress and Geeklog.

The 0.2.2 release adds a second object-oriented kses version for PHP 5, the use of isset() avoids PHP notice warnings, the chr(173) handling is changed to help Asian users, and the handling of closing HTML elements is improved.




kses 0.2.1 out now

Mon, 29 Sep 2003 08:05:28 -0000

kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks.

The 0.2.1 release adds a new object-oriented version of kses, three new attribute value checks (minlen, minval and valueless), a work-around for an Opera "feature" that treats chr(173) as whitespace, and some other minor changes.




kses 0.2.0 out now

Fri, 25 Jul 2003 11:42:14 -0000

kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks.

Version 0.2.0 is out now. It supports attribute value checks (maxlen and maxval), white listing of allowed URL protocols, XHTML, removal of Netscape 4's JavaScript entities and it also has some bug fixes.




kses 0.1.0 out now

Mon, 09 Jun 2003 14:16:07 -0000

kses is an HTML filter written in PHP. It filters all HTML elements and attributes that are not allowed - no matter how strange or tricky the HTML code is. This is helpful to stop XSS (Cross-site Scripting) security holes, among other things.

Version 0.1.0 of the program is out now. It's the first public release.