HTML::Restrict - Strip unwanted HTML tags and attributes


version v3.0.1


use HTML::Restrict;

my $hr = HTML::Restrict->new();

# use default rules to start with (strip away all HTML)
my $processed = $hr->process('  <b>i am bold</b>  ');

# $processed now equals: 'i am bold'

# Now, a less restrictive example:
$hr = HTML::Restrict->new(
    rules => {
        b   => [],
        img => [qw( src alt / )]

my $html = q[<body><b>hello</b> <img src="pic.jpg" alt="me" id="test" /></body>];
$processed = $hr->process( $html );

# $processed now equals: <b>hello</b> <img src="pic.jpg" alt="me" />


This module uses HTML::Parser to strip HTML from text in a restrictive manner. By default all HTML is restricted. You may alter the default behaviour by supplying your own tag rules.



Creates and returns a new HTML::Restrict object.

my $hr = HTML::Restrict->new()

HTML::Restrict doesn't require any params to be passed to new. If your goal is to remove all HTML from text, then no further setup is required. Just pass your text to the process() method and you're done:

my $plain_text = $hr->process( $html );

If you need to set up specific rules, have a look at the params which HTML::Restrict recognizes:


process( $html )

This is the method which does the real work. It parses your data, removes any tags and attributes which are not specifically allowed and returns the resulting text. Requires and returns a SCALAR.


Accessor which returns a hash ref of the current rule set.


Accessor which returns an array ref of the current valid uri schemes.


Please note that all tag and attribute names passed via the rules param must be supplied in lower case.

# correct
my $hr = HTML::Restrict->new( rules => { body => ['onload'] } );

# throws a fatal error
my $hr = HTML::Restrict->new( rules => { Body => ['onLoad'] } );


There are already several modules on the CPAN which accomplish much of the same thing, but after doing a lot of poking around, I was unable to find a solution with a simple setup which I was happy with.

The most common use case might be stripping HTML from user submitted data completely or allowing just a few tags and attributes to be displayed. With the exception of URI scheme checking, this module doesn't do any validation on the actual content of the tags or attributes. If this is a requirement, you can either mess with the parser object, post-process the text yourself or have a look at one of the more feature-rich modules in the SEE ALSO section below.

My aim here is to keep things easy and, hopefully, cover a lot of the less complex use cases with just a few lines of code and some brief documentation. The idea is to be up and running quickly.


HTML::TagFilter, HTML::Defang, MojoMojo::Declaw, HTML::StripScripts, HTML::Detoxifier, HTML::Sanitizer, HTML::Scrubber


Thanks to Raybec Communications for funding my work on this module and for releasing it to the world.

Thanks also to the many other contributors.


Olaf Alders


This software is copyright (c) 2009 by Olaf Alders.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.