Yes, Earl, it would be - if it worked. The problem is that it removes the "script" tag itself, but not the script text. There is an open core issue on this. The same problem applies to "style" as well. I started with filter_xss and a custom list of safe tags. Nancy E. Wichmann, PMP Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.
________________________________ From: Earl Miles <[email protected]> To: [email protected] Sent: Thu, June 10, 2010 5:58:02 PM Subject: Re: [development] Strip_tags and JS On 6/10/2010 12:39 PM, Jamie Holly wrote: > $text= preg_replace('/<script.*?<\/script>/xmsi', '', $text) should do > the trick. $text = strip_tags(filter_xss_admin($text)) is easier.
