A Twig extension for voku/anti-xss.
Currently supported Twig features are:
Tag (recommended)
{% xss_clean %} <foo>bar</foo> {% end_xss_clean %}
Function
{{ xss_clean(' <foo>bar</foo>') }}
Filter
{{ '<foo>bar</foo>' | xss_clean }}
composer require voku/anti-xss-twig
First register the extension with Twig:
use voku\helper\AntiXSS;
use voku\twig\AntiXssExtension;
$twig = new Twig_Environment($loader);
$antiXss = new AntiXSS();
$twig->addExtension(new AntiXssExtension($antiXss));
Then use it in your templates:
{% xss_clean %} <foo>bar</foo> {% end_xss_clean %}
$twig->addExtension(new AntiXssExtension($antiXss));
See CHANGELOG for the full history of changes.