On Wednesday, 28 June 2017 at 19:50:44 UTC, aberba wrote:
Please read this ASAP: https://en.wikipedia.org/wiki/Cross-site_scriptingHa ha. I will strip out <script> tags in the regex. Its better to get rig of tags where not needed for clients other than a browser. Please criticize the stripTags() implementation
I see you've ignored my advice. Please, at least read this section: https://en.wikipedia.org/wiki/Cross-site_scripting#Safely_validating_untrusted_HTML_input
