Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Strip all HTML attributes except for src

Tags:

html

regex

php

html-parsing

attributes

I'm trying to remove all tag attributes except for the src attribute. For example:

<p id="paragraph" class="green">This is a paragraph with an image <img src="/path/to/image.jpg" width="50" height="75"/></p>

Would be returned as:

<p>This is a paragraph with an image <img src="/path/to/image.jpg" /></p>

I have a regular expression to strip all attributes, but I'm trying to tweak it to leave in src. Here's what I have so far:

<?php preg_replace('/<([A-Z][A-Z0-9]*)(\b[^>]*)>/i', '<$1>', '<html><goes><here>');
like image 740
Ian McIntyre Silber Avatar asked Jun 08 '10 02:06

Ian McIntyre Silber

1 Answers

This might work for your needs:

$text = '<p id="paragraph" class="green">This is a paragraph with an image <img src="/path/to/image.jpg" width="50" height="75"/></p>';

echo preg_replace("/<([a-z][a-z0-9]*)(?:[^>]*(\ssrc=['\"][^'\"]*['\"]))?[^>]*?(\/?)>/i",'<$1$2$3>', $text);

// <p>This is a paragraph with an image <img src="/path/to/image.jpg"/></p>

The RegExp broken down:

/              # Start Pattern
 <             # Match '<' at beginning of tags
 (             # Start Capture Group $1 - Tag Name
  [a-z]         # Match 'a' through 'z'
  [a-z0-9]*     # Match 'a' through 'z' or '0' through '9' zero or more times
 )             # End Capture Group
 (?:           # Start Non-Capture Group
  [^>]*         # Match anything other than '>', Zero or More Times
  (             # Start Capture Group $2 - ' src="...."'
   \s            # Match one whitespace
   src=          # Match 'src='
   ['"]          # Match ' or "
   [^'"]*        # Match anything other than ' or " 
   ['"]          # Match ' or "
  )             # End Capture Group 2
 )?            # End Non-Capture Group, match group zero or one time
 [^>]*?        # Match anything other than '>', Zero or More times, not-greedy (wont eat the /)
 (\/?)         # Capture Group $3 - '/' if it is there
 >             # Match '>'
/i            # End Pattern - Case Insensitive

Add some quoting, and use the replacement text <$1$2$3> it should strip any non src= properties from well-formed HTML tags.

Please Note This isn't necessarily going to work on ALL input, as the Anti-HTML + RegExp people are so cleverly noting below. There are a few fallbacks, most notably <p style=">"> would end up <p>"> and a few other broken issues... I would recommend looking at Zend_Filter_StripTags as a full proof tags/attributes filter in PHP

like image 144
gnarf Avatar answered Oct 21 '22 06:10

gnarf
Sign in to Comment

Related questions

file_get_contents good way to handle errors [duplicate]
Passing an environment-variable into a php commandline script
Get live NFL scores/stats to read and manipulate?
Display SQL query results in php
Route [Controller@method] not defined
PHP : How to skip last element in foreach loop [duplicate]
Chrome not clearing SESSION COOKIES on close/exit
Automation of git pull using PHP code
Yii2 REST Simplify BasicAuth
How to redirect to home page after logout?
Symfony 2 - Entity has to be managed or scheduled for removal for single computation
Remove/delete laravel project
MySQL - How to get search results with accurate relevance
Codeigniter CSRF valid for only one time ajax request
How to set Telegram bot webhook?
Change column type to tinyInteger
Windows 10 Docker : /usr/bin/env: 'php\r': No such file or directory
php array_merge without erasing values?
unusual ternary operation
Change the URL through PHP

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!