we had our own stripping methods. Just get the source for slashcode http://slashcode.com and look for
Slash/Display/Display.pm: strip_paramattr => \&strip_paramattr, Slash/Display/Display.pm: strip_urlattr => \&strip_urlattr, Slash/Display/Display.pm: strip_anchor => \&strip_anchor, Slash/Display/Display.pm: strip_attribute => \&strip_attribute, Slash/Display/Display.pm: strip_code => \&strip_code, Slash/Display/Display.pm: strip_extrans => \&strip_extrans, Slash/Display/Display.pm: strip_html => \&strip_html, Slash/Display/Display.pm: strip_literal => \&strip_literal, Slash/Display/Display.pm: strip_nohtml => \&strip_nohtml, Slash/Display/Display.pm: strip_notags => \&strip_notags, Slash/Display/Display.pm: strip_plaintext => \&strip_plaintext,
and this'll give you an idea of what slashcode does to deal with it.
Hope this helps,
Patrick
Aleksandr Guidrevitch wrote:
Hi, All
What have you used to stip out that stuff ? I've reviewied HTML::StripScripts, but it seems to be very slow. I've also
considered HTML::Filter to do that but I'm also affraid that HTML::Parser is not the fastest thing on the earth, even though
it will be invoked once during initial submission.
Could you also advise on this "safe" subset of html you use ?
Sincerely, Alex
Patrick Galbraith wrote:
Strip out stuff that could be problematic. This is what we did with Slash. We strip out javascript or any tag that can be problematic, or be used even to break the layout of the page. It'll make you're life much easier ;) Take this from someone who coded tons of features to ward off trolls!
-- ---------------------- Patrick Galbraith Senior Software Developer [EMAIL PROTECTED] [EMAIL PROTECTED] 206.719.2461
