What do you do with html injections?
#5

PhilTem
For user input: Prepare the post-variables to not contain any harmful code (use e.g. xss-filtering)

For user output: Easiest way is to use htmlentities to convert each character to its corresponding html-entity. & turns to &amp;amp;, ...
A more advanced approach is to use something like http://htmlpurifier.org because you have more control over how the original input data will be changed.
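
The output-escaping approach from the post above, as an added example that is not part of the original thread. The helper name `html_out` and the sample comment string are hypothetical and constructed for illustration; it shows why the quote flags and charset should be passed explicitly when the value lands inside an attribute.

```php
<?php
// Added example, not code from the thread. html_out() is a hypothetical helper
// and $comment is constructed sample input.

/**
 * Escape a value for HTML body text or for a quoted attribute value.
 * ENT_QUOTES encodes both " and ' (before PHP 8.1 the default flags left ' alone).
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of returning an empty string.
 */
function html_out(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed input: markup, an ampersand, and both kinds of quote.
$comment = "<script>alert(1)</script> Tom & 'Jerry' said \"hi\"";

// Body context: the markup is displayed as text, not parsed as tags.
echo '<p>' . html_out($comment) . "</p>\n";

// Attribute context: the attribute must be quoted, and the escaping must cover
// the quote character used, otherwise the value can close the attribute early.
echo "<input type='text' name='comment' value='" . html_out($comment) . "'>\n";

// Comparison: ENT_COMPAT encodes only double quotes, so a single-quoted
// attribute like the one above would not be safe with it.
$compat = htmlentities($comment, ENT_COMPAT | ENT_SUBSTITUTE, 'UTF-8');
echo 'ENT_COMPAT leaves a raw single quote: ';
var_dump(strpos($compat, "'") !== false);
echo 'ENT_QUOTES leaves a raw single quote: ';
var_dump(strpos(html_out($comment), "'") !== false);
```

Escaping of this kind covers HTML text and quoted attribute values only; where users are meant to submit a limited set of real HTML tags, that is the case for the purifier library the post links to.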

