My simple implementation of PHP strip_tags()

aberba via Digitalmars-d digitalmars-d at puremagic.com
Wed Jun 28 13:01:21 PDT 2017


On Wednesday, 28 June 2017 at 19:58:31 UTC, Vladimir Panteleev 
wrote:
> On Wednesday, 28 June 2017 at 19:50:44 UTC, aberba wrote:
>>> Please read this ASAP: 
>>> https://en.wikipedia.org/wiki/Cross-site_scripting
>>
>> Ha ha. I will strip out <script> tags in the regex. Its better 
>> to get rig of tags where not needed for clients other than a 
>> browser. Please criticize the stripTags() implementation
>
> I see you've ignored my advice.
>
> Please, at least read this section:
>
> https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_input

My bad. I will read it.


More information about the Digitalmars-d mailing list