On Nov 28, 2008, at 15:26, Elijah Insua wrote:
Html/Cross Site Scripting is more along the lines of what you are
talking about. There are tons of libraries out there that attempt
to kill off as many of these as possible.
The best one of these happens to be written in PHP:
http://htmlpurifier.org/
If your needs are extremely simple, HTML Purifier might be more than
you need, in which case a simple solution like this might work:
http://shiflett.org/blog/2007/mar/allowing-html-and-preventing-xss
Hope that helps.
Chris
--
Chris Shiflett
http://shiflett.org/
_______________________________________________
New York PHP User Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org/show_participation.php
