CodeIgniter Forums
Validating HTML Input - Printable Version




Validating HTML Input - El Forum - 08-21-2007

[eluser]DennisP[/eluser]
So I've been developing with CodeIgniter for about a month and a half now. I really like it so far. :)

One thing that's kind of bugging me is the lack of built-in HTML validation. I don't mean XSS filtering and such, but just checking for closing HTML tags, stripping bad tags out, removing onmouseover="", etc.

Anyways, does anyone have any tips on how to do this? Is there a library someone has written to do this?

Thanks. :)


Validating HTML Input - El Forum - 08-21-2007

[eluser]alpar[/eluser]
Well, the XSS filtering does not check for closing tags, but it does strip bad tags, and it does remove bad JavaScript (if not all of it). For the closing tag part you could find some regular expressions on the web.


Validating HTML Input - El Forum - 08-21-2007

[eluser]CI NC[/eluser]
http://htmlpurifier.org/

?


Validating HTML Input - El Forum - 01-13-2008

[eluser]Unknown[/eluser]
May find htmLawed useful.


Validating HTML Input - El Forum - 01-13-2008

[eluser]Derek Allard[/eluser]
Actually, I'd recommend another approach if possible. You can never trust that your user will write valid HTML, so you'll have to write it for them. This would mean Markdown, or a WYSIWYG form, or the typography class from CI.


Validating HTML Input - El Forum - 01-21-2008

[eluser]sikkle[/eluser]
XSS and HTML validation is a huge topic; also include in that the MySQL escaping stuff.

I don't know if someone here has already built a webpage somewhere explaining and talking about this stuff.

*Maybe*, I just say maybe, some advanced user could open a thread and debate a bit about it with a case and explain the why of it.

This is just a suggestion still.
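
The checks asked for in the opening post (closing unclosed tags, stripping disallowed tags, removing attributes such as onmouseover), sketched with PHP's bundled DOM extension rather than regular expressions. This is an added example, not code from any poster in the thread or from CodeIgniter; the allowlists, the constant names and the two function names are assumptions.

```php
<?php
// Added illustration, not code from the thread. The allowlists below are assumptions.
const ALLOWED_TAGS = ['p' => [], 'br' => [], 'b' => [], 'i' => [], 'em' => [], 'strong' => [],
    'ul' => [], 'ol' => [], 'li' => [], 'blockquote' => [], 'a' => ['href']]; // tag => kept attributes
const DROP_WITH_CONTENT = ['script', 'style', 'iframe', 'object', 'embed', 'form'];
const HREF_OK = '~^(?:https?://|mailto:|/(?!/)|#)~i'; // http(s), mailto, site-relative path, fragment
function clean_children(DOMNode $parent): void
{
    foreach (iterator_to_array($parent->childNodes, false) as $node) {
        if ($node->nodeType === XML_TEXT_NODE) {
            continue;                        // text is entity-escaped when serialized
        }
        $tag = strtolower($node->nodeName);
        if ($node->nodeType !== XML_ELEMENT_NODE || in_array($tag, DROP_WITH_CONTENT, true)) {
            $parent->removeChild($node);     // comments, CDATA, script, style, ...
            continue;
        }
        clean_children($node);               // clean descendants before deciding on this node
        if (!array_key_exists($tag, ALLOWED_TAGS)) {
            while ($node->firstChild) {      // unknown tag: keep only its cleaned content
                $parent->insertBefore($node->firstChild, $node);
            }
            $parent->removeChild($node);
            continue;
        }
        foreach (iterator_to_array($node->attributes, false) as $attr) {
            $name = strtolower($attr->nodeName);
            $badHref = $name === 'href' && !preg_match(HREF_OK, $attr->value);
            if ($badHref || !in_array($name, ALLOWED_TAGS[$tag], true)) {
                $node->removeAttribute($attr->nodeName);   // onmouseover, style, javascript: links
            }
        }
    }
}

function sanitize_html(string $input): string
{
    $previous = libxml_use_internal_errors(true);   // malformed markup is expected here
    $doc = new DOMDocument();
    // The parser balances unclosed tags; the meta element makes it read the input as UTF-8.
    $doc->loadHTML('<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><body>' . $input);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $body = $doc->getElementsByTagName('body')->item(0);
    clean_children($body);
    return implode('', array_map([$doc, 'saveHTML'], iterator_to_array($body->childNodes, false)));
}
// Constructed sample input: unclosed <b> and <p>, an event handler, a script, a javascript: link.
echo sanitize_html('<p onmouseover="x()">Hi <b>there<script>alert(1)</script> <a href="javascript:x()">link</a>'), "\n";
```

libxml2 does not parse markup exactly the way a browser does, so for production input a maintained filter such as HTML Purifier or htmLawed, both suggested in the thread, remains the better choice.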