|
SafeHTML v.1.3.7
SafeHTML is anti-XSS HTML parser, written in PHP.
Table of contents:
About this project
This parser strips down all potentially dangerous content within HTML: - opening tag without its closing tag
- closing tag without its opening tag
- any of these tags: “base”, “basefont”, “head”, “html”, “body”, “applet”, “object”,
“iframe”, “frame”, “frameset”, “script”, “layer”, “ilayer”, “embed”, “bgsound”,
“link”, “meta”, “style”, “title”, “blink”, “xml” etc.
- any of these attributes: on*, data*, dynsrc
- javascript:/vbscript:/about: etc. protocols
- expression/behavior etc. in styles
- any other active content
It also tries to convert code to XHTML valid, but htmltidy is far better solution for this task. Authors and copyrights
Author: Roman Ivanov.
Copyrights: © 2004–2005, Roman Ivanov
© 2004–2005, Pixel-Apes
© 2004–2005, JetStyle Contacts
If you found any bugs in this parser, please inform me — ICQ:551593 or
Please, subscribe to http://pixel-apes.com/safehtml/feed/rss feed in order to receive notices
when SafeHTML will be updated.
| |