PerlMonks  

Re: Best Module for Cross-Site Scripting ?

by rowdog (Curate)
on Aug 19, 2010 at 11:13 UTC (#855999)


in reply to Best Module for Cross-Site Scripting ?

You should be able to clean up the tags with one of the tidy or lint modules. As for avoiding JavaScript injection, my advice would be to skip HTML altogether and let the users use something like BBCode instead. You will also want to run the user input through something like HTML::Entities to escape any attempts at markup.

Please be careful; it's very easy to screw up this kind of code with one little mistake.
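
The approach described in the reply above, as an added example that is not part of the original post: escape all user input with HTML::Entities first, then translate a small BBCode subset into HTML. The helper name `bbcode_to_html`, the supported tags (`b`, `i`, `u`, `url`) and the http/https-only link rule are assumptions made for illustration.

```perl
use strict;
use warnings;
use HTML::Entities qw(encode_entities);

# Hypothetical helper, not from the original post: render a small BBCode
# subset. Input is entity-escaped first, so the only live markup in the
# result is what this function emits itself.
sub bbcode_to_html {
    my ($input) = @_;

    # Neutralise every character that can open a tag or close an attribute.
    my $html = encode_entities($input, q{<>&"'});

    # [url=...]: http/https only, so javascript: and data: URLs never match.
    # Brackets and whitespace are excluded so later passes cannot rewrite
    # anything inside the href value.
    $html =~ s{\[url=(https?://[^\[\]\s]+)\](.*?)\[/url\]}
              {<a href="$1" rel="nofollow">$2</a>}gis;

    # Attribute-less paired tags. Unmatched or unknown tags stay as text.
    for my $tag (qw(b i u)) {
        $html =~ s{\[$tag\](.*?)\[/$tag\]}{<$tag>$1</$tag>}gis;
    }
    return $html;
}

# Constructed sample input, including typical injection attempts.
my @samples = (
    '[b]bold[/b] and [i]italic[/i]',
    '<script>alert(1)</script>',
    '[url=javascript:alert(1)]click[/url]',
    '[url=http://example.com/" onmouseover="alert(1)]x[/url]',
    '[url=https://example.com/?a=1&b=2]link[/url]',
);
print bbcode_to_html($_), "\n" for @samples;
```

The order matters: escaping after the BBCode translation would also escape the generated tags, and translating without escaping would pass raw HTML through. Overlapping tags such as `[b][i]x[/b][/i]` still produce mis-nested output, which is where a tidy or lint pass fits.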
