Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister

Re: Best Module for Cross-Site Scripting ?

by rowdog (Curate)
on Aug 19, 2010 at 11:13 UTC ( #855999=note: print w/ replies, xml ) Need Help??

in reply to Best Module for Cross-Site Scripting ?

You should be able to clean up the tags with one of the tidy or lint modules. As for avoiding JavaScript injection, my advice would be to skip HTML altogether and let the users use something like BBCode instead. You will also want to run the user input through something like HTML::Entities to escape any attempts at markup.

Please be careful; it's very easy to screw up this kind of code with one little mistake.

Comment on Re: Best Module for Cross-Site Scripting ?

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://855999]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (7)
As of 2015-11-29 13:43 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (751 votes), past polls