My simple implementation of PHP strip_tags()
Vladimir Panteleev via Digitalmars-d
digitalmars-d at puremagic.com
Wed Jun 28 11:51:41 PDT 2017
On Wednesday, 28 June 2017 at 18:08:12 UTC, aberba wrote:
> I wanted strip_tags() for sanitization
Careful. If you don't implement this correctly (and it may be
surprisingly difficult to), you may expose your site to XSS
attacks.
Instead of stripping tags, you may want to encode HTML entities
instead ('<' -> "<" etc.)
> auto regex = ctRegex!(`</?(\w*)>`);
This will not capture <script src="...">.
More information about the Digitalmars-d
mailing list