> and CodeCleaner:
>
> http://www.antiwrap.com/?140
Single pass regex scripts are usually easily faked, just make
sure the output of the regex is what you really want. I doubt the
script protection will work against for instance:
<<script></script>script type="text/_javascript_">
alert("Don't try writing XSS protection at home.");
</script>
Whenever possible, use built-in functionality such as
HTMLEditFormat(), HTMLCodeFormat() and cfqueryparam.
Jochem
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]