I am looking for an easy and quick to install way to sanitize markdown in PHP.
I don't need an ultimate robust solution (as answers I saw in other questions) just something simple filtering the most dangerous tags (for example filtering the script tag among other things).
Is there such a thing that exists? Maybe a regex but I don't know what I need to filter.
I currently have the markdown sanitizer on the client side, but I need something on the PHP side or XSS will come in the way...
Ok so initially I read this question in which people answered about HTML purifier, but saying that it took a day to configure. For me it was too long for a small project.
But I actually tried it and the default installation took me less than five minutes and work just fine. So, HTML purifier is the way to go, even if you don't have much time.