Assume we have a string
$mystring = "<b> Hello"
How can I display this string using twig while preventing leaking html tags? Or in other word how can I make twig to close tags automatically if they are still open?
I guess {{ mystring | raw }}
just prints raw text without verifying / purifying.
sw_sanitize
does this already.
{{ '<b> hello' | sw_sanitize }}
Produces:
<b> hello</b
Internally \HTMLPurifier::purify
is used, which
Filters an HTML snippet/document to be XSS-free and standards-compliant.