angular-filter icon indicating copy to clipboard operation
angular-filter copied to clipboard

Published 20 hours ago verified publisher icon a8m

It is possible to fool strip-tags

Open engelfrost opened this issue 10 years ago • 0 comments

'<scr<script></script>ipt> alert(document.cookie);</scr</kj>ipt>' turns into <script> alert(document.cookie);</script>.

The simpler regexp /<[^>]+>/g does strip the HTML.

engelfrost avatar Nov 04 '15 12:11 engelfrost