[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    strip_tags() but not only vulnerability
From:       Tõnu_Samuel <tonu () jes ! ee>
Date:       2006-03-29 13:15:14
Message-ID: 200603291615.15622.tonu () jes ! ee
[Download RAW message or body]

Some time ago I wrote document describing common problem with cleaning up 
HTML. PHP manual states some little warning about topic but no solution on 
http://www.php.net/strip_tags

Many websites are still vulnerable and similar problems happen not depending 
on programming language too often:

http://www.jes.ee/~tonu/strip.php

Please do not start flamewar, I know some people might find this information 
useful. Yes, it is not "advanced" and this is why people often do not notice 
the problem.

  Tõnu

[prev in list] [next in list] [prev in thread] [next in thread]