Various corrections

2026-03-09 15:48:45 +01:00
parent 5b37d2bcd8
commit edb1752f32
6 changed files with 72 additions and 9 deletions
--- a/src/Services/HtmlSanitizer.php
+++ b/src/Services/HtmlSanitizer.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Services;
+
+use HTMLPurifier;
+use HTMLPurifier_Config;
+
+final class HtmlSanitizer
+{
+    private HTMLPurifier $purifier;
+
+    public function __construct()
+    {
+        $config = HTMLPurifier_Config::createDefault();
+        // Autoriser les balises courantes de formatage
+        $config->set('HTML.Allowed', 'p,br,strong,em,u,h1,h2,h3,h4,h5,h6,ul,ol,li,blockquote,a[href],img[src|alt|width|height]');
+        // Désactiver les attributs dangereux
+        $config->set('HTML.AllowedAttributes', 'href,src,alt,width,height,title');
+        // Activer le cache
+        $config->set('Cache.DefinitionImpl', 'Serializer');
+        $config->set('Cache.SerializerPath', __DIR__ . '/../../var/cache/htmlpurifier');
+
+        $this->purifier = new HTMLPurifier($config);
+    }
+
+    public function sanitize(string $html): string
+    {
+        return $this->purifier->purify($html);
+    }
+}