On Tuesday 26 June 2007 16:22, Clinton Gormley wrote: > - used to strip XSS scripting from user submitted HTML
Ooooh, cool! I haven't found any modules that does that well enough. > - outputs valid HTML (cleans up nesting, context of tags etc) > > - handles the exploits listed at http://ha.ckers.org/xss.html Great! > I hope this helps others, and if anybody has any suggestions, please > feed them back to me Actually, something I would feel would be very useful is if it could return an XML::LibXML::DocumentFragment object. I tend to use XML::LibXML to parse user input and insert in the document, which is then going through some XSLT, and since you've allready parsed stuff, it seems like a waste to parse again. So that's my feature request! :-) Cheers, Kjetil -- Kjetil Kjernsmo Information Systems Developer Opera Software ASA
