Re: My simple implementation of PHP strip_tags()

Wed, 28 Jun 2017 11:56:19 -0700 

On Wednesday, 28 June 2017 at 18:08:12 UTC, aberba wrote:

I wanted strip_tags() for sanitization



Careful. If you don't implement this correctly (and it may be 
surprisingly difficult to), you may expose your site to XSS 
attacks.



Instead of stripping tags, you may want to encode HTML entities 
instead ('<' -> "&lt;" etc.)



        auto regex = ctRegex!(`</?(\w*)>`);


This will not capture <script src="...">.























					Reply via email to