$dom->sanitize()
Sanitizes the DOM according to the provided configuration
Parameters
Name | Type | Default | Description |
---|---|---|---|
$options * | array |
– | Array with the following options: - allowedAttrPrefixes : Global list of allowed attribute prefixeslike data- and aria- - allowedAttrs : Global list of allowed attrs or true to allowany attribute - allowedDataUris : List of all MIME types that may be used indata URIs (only checked in urlAttrs and inside url() wrappers)or true for any- allowedDomains : Allowed hostnames for HTTP(S) URLs in urlAttrs and inside url() wrappers or true for any- allowHostRelativeUrls : Whether URLs that begin with / should beallowed even if the site index URL is in a subfolder (useful when using the HTML <base> element where the sanitized code will be rendered)- allowedNamespaces : Associative array of all allowed namespace URIs;the array keys are reference names that can be referred to from the allowedAttrPrefixes , allowedAttrs , allowedTags , disallowedTags and urlAttrs lists; the namespace names as used in the document are notvalidated; setting the whole option to true will allow any namespace- allowedPIs : Names of allowed XML processing instructions ortrue for any- allowedTags : Associative array of all allowed tag names with thevalue of either an array with the list of all allowed attributes for this tag, true to allow any attribute from the allowedAttrs listor false to allow the tag without any attributes;not listed tags will be unwrapped (removed, but children are kept); setting the whole option to true will allow any tag- attrCallback : Closure that will receive each DOMAttr and maymodify it; the callback must return an array with exception objects for each modification - disallowedTags : Array of explicitly disallowed tags, which willbe removed completely including their children (matched case-insensitively) - doctypeCallback : Closure that will receive the DOMDocumentType and may throw exceptions on validation errors - elementCallback : Closure that will receive each DOMElement andmay modify it; the callback must return an array with exception objects for each modification - urlAttrs : List of attributes that may contain URLs |
Return type
array
Exceptions
Type | Description |
---|---|
Kirby\Exception\InvalidArgumentException |
If the doctype is not valid |