in reply to
Regex: Strip <script> tags?
I use the following in a piece of code here:
# Strip <script [..]>..</script> and <style>..</style>
$content =~ s!<(s(?:cript|tyle))[^>]*>.*?</\1>!!gis;
Have a look at HTML::StripScripts::Parser, which allows you to customise the HTML / CSS that you would like to allow, while removing XSS attacks.
Results (637 votes),