
Juozas Kaziukenas' Blog:
HTML filtering and XSS protection
March 23, 2009 @ 10:21:49

Juozas Kaziukenas has an example of how to keep your application and its data safe by filtering user-supplied HTML with the HTML_Purifier package.

It's really hard to decide what data is acceptable, especially when a user has permission to insert HTML content through a form. [...] However, the problem can be solved, and quite easily. Almost a year ago I was reading some random blog when I found out about HTML Purifier. Basically, it's a library which can filter and fix any HTML.

He gives an example: running a web scraping tool against a site with malformed HTML. By running the source through the HTML_Purifier package first, the errors were corrected and the "more correct" HTML could be parsed easily. The package also helps protect against XSS attacks via a whole set of filters included by default.

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework