Currently, I'm working on a CakePHP upgrade from 2.10 to 3.8, and I noticed that the class Sanitize has been removed. Does anyone know how to replace it?
I have the following function:
    public function view( $page )
    {
        $page = Sanitize::paranoid( $page, array('-', '_') );
        $this->render( $page );
    }
Really depends on your threat model, i.e. on what exactly you're trying to protect against.
Sanitize::paranoid() removes non-alphanumeric characters, except the ones in the $allowed argument, so if you wanted to replace the behavior 1:1, you could for example use a regular expression:
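An added example, not part of the original answer and not CakePHP code: a plain-PHP stand-in for the single-string case of Sanitize::paranoid(), run over constructed inputs. The function name paranoidFilter and the reject-if-changed check are assumptions of this example.

```php
<?php
/**
 * Added example: keeps ASCII letters and digits plus the characters listed
 * in $allowed and strips everything else, as Sanitize::paranoid() did for
 * a single string. paranoidFilter is a hypothetical name, not a CakePHP 3 API.
 */
function paranoidFilter($value, array $allowed = array())
{
    $extra = '';
    foreach ($allowed as $char) {
        // preg_quote() escapes regex metacharacters (including '-', ']' and
        // the '/' delimiter), so an allowed character cannot change the
        // meaning of the character class it is placed in.
        $extra .= preg_quote((string)$char, '/');
    }

    $result = preg_replace('/[^a-zA-Z0-9' . $extra . ']/', '', (string)$value);
    if ($result === null) {
        throw new RuntimeException('preg_replace failed, code ' . preg_last_error());
    }

    return $result;
}

// Constructed sample values, as they might arrive in the $page argument of view().
$samples = array('about-us', 'terms_of_use', '../../config/app', "home\0.ctp", '<b>faq</b>');

foreach ($samples as $page) {
    $clean = paranoidFilter($page, array('-', '_'));

    // Stripping silently maps an unexpected value onto a different template
    // name. A stricter option (an assumption of this example) is to render
    // only when filtering changed nothing and the result is not empty.
    $verdict = ($clean === $page && $clean !== '') ? 'render' : 'reject';

    printf("%-22s => %-14s %s\n", json_encode($page), $clean, $verdict);
}
```

In a CakePHP 3 controller the reject branch would typically become a 404 response instead of a call to render().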