Login

08-21-2007, 12:24 PM

[eluser]DennisP[/eluser]
So I've been developing with CodeIgniter for about a month and a half now. I really like it so far. Smile

One thing that's kind of bugging me, is the lack of built in HTML validation. I don't mean XSS filtering and such, but just checking for closing HTML tags, stripping bad tags out, removing onmouseover="", etc.

Anyways, does anyone have any tips on how to do this? Is there a library someone has written to do this?

Thanks. Smile

08-21-2007, 01:27 PM

[eluser]alpar[/eluser]
well the XSS filtering does not check for closing tags, but, it does strip pad tags, and it does remove bad Javascript (if not all of it) For the closing tag part you could find some regular expressions on the web.

08-21-2007, 02:02 PM

[eluser]CI NC[/eluser]
http://htmlpurifier.org/

?

01-13-2008, 04:10 PM

[eluser]Unknown[/eluser]
May find htmLawed useful.

01-13-2008, 09:14 PM

[eluser]Derek Allard[/eluser]
Actually, I'd recommend another approach if possible. You can never trust that your user will write valid html, so you'll have to write it for them. This would mean markdown, or a wysiwyg form, or the typography class from CI.

01-21-2008, 08:50 PM

[eluser]sikkle[/eluser]
XSS, html validation is a huge topic, also include to that mysql escape stuff.

I don't know if someone here already build a webpage somewhere explain and talking about this stuff.

*Maybe* i just say maybe some advanced user could open a thread and debate a bit about with a case and explain the why of.

this is just suggestion still.