Thanks, I decided to go with hook_tag:
function hookTag($element, $attributes = 0) {
// further filter tags
// closing tags
if (is_numeric($attributes)) {
return "</$element>";
}
// only allow images from uploads dir
if ($element === 'img' && !preg_match('/^http[s]*:\/\/example.com\/uploads\/[a-zA-Z0-9]+\.jpg$/', @$attributes['src'])) {
$attributes['src'] = 'http://example.com/invalid_image.jpg';
}
// convert attributes back to string
$string = '';
foreach ($attributes as $k => $v) {
$string .= " {$k}=\"{$v}\"";
}
$empty_elements = array('br' => 1, 'hr' => 1, 'img' => 1);
return "<{$element}{$string}".(array_key_exists($element, $empty_elements) ? ' /' : '').'>';
}
btw in documentation (https://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm#s3.4.9) there is error (quotes around my_ should be double and dot should not be there):
$new_element = '<param id='my_'. $id; allowscriptaccess="never" />';