Extension:HTMLPurifier

The HTMLPurifier extension allows users to input raw HTML by using HTML Purifier to sanitize it.

Usage
Once installed, users will be able to use the  tag to input HTML in any page, like so:

This link was done with HTML rather than wikitext!

To avoid security risks, all HTML is passed through HTML Purifier, a mature and thoroughly audited PHP library that strips off all malicious and suspect code.

Configuration
The only configuration option is an associative array that controls the configuration of HTML Purifier itself. For example:

The extension has a HTMLPurifierBeforePurify hook to do more advanced configurations. For example, to allow tags, add the following to your LocalSettings.php:

The extension also has a HTMLPurifierAfterPurify hook to further transform the purified HTML. For example, to reintroduce extracted tags, add the following to your LocalSettings.php: