
Sanitize HTML

Open beganovich opened this issue 7 months ago • 0 comments

It would be nice to give users the option to sanitize HTML input to prevent any leaks from the system.

Example:

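```php
function sanitizeHTML($html) {
  // Strip an inline event handler (on*="...") that directly follows the tag name
  $html = preg_replace('/<([a-zA-Z0-9]+)\s+(on\w*)="[^"]*"/i', '<$1', $html);

  // Remove the listed tags where they appear exactly as written
  $blacklistTags = ['<script>', '</script>', '<iframe>', '</iframe>', '<object>', '</object>', '<embed>', '</embed>'];

  $html = str_ireplace($blacklistTags, '', $html);

  // Return the filtered markup to the caller
  return $html;
}
```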

beganovich, Jul 05 '24 08:07
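
A DOM-based variant of the same filter, as an added example that is not part of the issue or of snappdf: it removes the same four elements and every `on*` attribute after parsing, so tags that carry attributes and handlers written with single quotes or no quotes are covered as well. The function name `sanitizeHtmlDom` is hypothetical, and the input is assumed to be a whole UTF-8 HTML document with PHP's DOM extension available.

```php
<?php
// Added example, not snappdf code. sanitizeHtmlDom() is a hypothetical name.
// Assumes ext-dom is loaded and the input is a UTF-8 HTML document.

function sanitizeHtmlDom(string $html): string
{
    $doc = new DOMDocument();

    // Collect parser warnings instead of emitting them for imperfect markup.
    $previous = libxml_use_internal_errors(true);
    // The XML declaration is a hint so libxml reads the bytes as UTF-8;
    // LIBXML_NONET stops the parser from fetching anything over the network.
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    // Drop the encoding hint again so it does not appear in the output.
    foreach (iterator_to_array($doc->childNodes) as $child) {
        if ($child->nodeType === XML_PI_NODE) {
            $doc->removeChild($child);
        }
    }
    $doc->encoding = 'UTF-8';

    $xpath = new DOMXPath($doc);

    // Same tag list as the issue, matched on the parsed element name, so
    // attributes on the tag and its contents are removed with it.
    foreach ($xpath->query('//script | //iframe | //object | //embed') as $node) {
        if ($node->parentNode !== null) {
            $node->parentNode->removeChild($node);
        }
    }

    // Remove every attribute whose name starts with "on", whatever its
    // quoting style or position among the element's attributes.
    foreach ($xpath->query('//@*') as $attr) {
        if (stripos($attr->nodeName, 'on') === 0) {
            $attr->ownerElement->removeAttributeNode($attr);
        }
    }

    return $doc->saveHTML();
}

// Constructed sample input.
$sample = '<p class="total" onclick=\'x()\'>Invoice</p>'
    . '<script src="https://example.invalid/a.js"></script>'
    . '<iframe src="about:blank"></iframe>';
echo sanitizeHtmlDom($sample), PHP_EOL;
```

The result is a serialized document (doctype, `html` and `body` included), which fits a pipeline that renders complete pages.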