Chris Steipp wrote:
Does anyone know if mediawiki has ever used HTMLPurifier ( http://htmlpurifier.org/) as a library? Or if any extensions have used it?
I don't know of any MediaWiki-related code using HTMLPurifier.
I think I'd be remiss if I didn't mention that MediaWiki comes with its own HTML sanitizer. More information can be found here: https://www.mediawiki.org/wiki/HTML_restriction.
I'm looking at adding in a library for svg cleaning that depends on it, but not sure if that's something that can be added in, or if I should re-implement those features.
MediaWiki's Sanitizer.php was written long before HTMLPurifier existed. I imagine if such a thought-out and stable library had existed in 2002, Brion would have opted to use it instead of rolling his own. In general, the less reinventing of the wheel, the better. :-) Obviously you have to consider the licensing, speed, capability, security, and stability of such libraries when making a decision whether to use one, though.
MZMcBride