My simple implementation of PHP strip_tags()
aberba via Digitalmars-d
digitalmars-d at puremagic.com
Wed Jun 28 13:01:21 PDT 2017
On Wednesday, 28 June 2017 at 19:58:31 UTC, Vladimir Panteleev
wrote:
> On Wednesday, 28 June 2017 at 19:50:44 UTC, aberba wrote:
>>> Please read this ASAP:
>>> https://en.wikipedia.org/wiki/Cross-site_scripting
>>
>> Ha ha. I will strip out <script> tags in the regex. Its better
>> to get rig of tags where not needed for clients other than a
>> browser. Please criticize the stripTags() implementation
>
> I see you've ignored my advice.
>
> Please, at least read this section:
>
> https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_input
My bad. I will read it.
More information about the Digitalmars-d
mailing list