phpWhois.org
example: HTML escape WHOIS registrant data
Issue
It is possible for WHOIS registrant data to include HTML tags. Many domain registrars will sanitise this input; however, it is relatively simple to add HTML to the remarks section of WHOIS data if you control an Autonomous System or IP block.
The example script in this repo does not escape `$result['rawdata']`, so if HTML is included within the WHOIS response it is rendered directly on the page when the script is invoked as `example.php?query=AS_NUMBER`.
I have reproduced this behaviour locally.
What does this PR do?
- Escapes `$result['rawdata']` to make sure that a WHOIS response does not cause HTML from that response to be rendered
- Additionally, escapes the Whois error results as a good precaution
Example
For example, without the fix, this query can change the styling of the page to blue rather than white.
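The unescaped rendering described in this PR beside the escaped form it introduces, as an added illustration that is not the project's own `example.php`. The shape of `$result['rawdata']` as an array of lines, the function names and the WHOIS reply below are assumed or constructed for the example:

```php
<?php
// Added example, not phpWhois code. The layout of $result['rawdata']
// (one array entry per response line) is an assumption.

// Constructed WHOIS reply: the remarks field carries markup, which is
// what an AS or IP-block holder could place there.
$result = [
    'rawdata' => [
        'aut-num:   AS64496',
        'as-name:   EXAMPLE-AS',
        'remarks:   <style>body{background:blue}</style>',
        'source:    CONSTRUCTED',
    ],
];

// Before the fix: the lines are echoed as-is, so the browser parses the
// <style> element and the whole page is restyled.
function render_unescaped(array $result): string
{
    return '<pre>' . implode("\n", $result['rawdata']) . '</pre>';
}

// After the fix: every line goes through htmlspecialchars(), so the
// markup is displayed as text instead of being parsed as HTML.
function render_escaped(array $result): string
{
    $lines = array_map(
        fn(string $line): string => htmlspecialchars($line, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        $result['rawdata']
    );
    return '<pre>' . implode("\n", $lines) . '</pre>';
}

// The error string from a failed lookup gets the same treatment, since it
// may echo back whatever the user supplied in the query parameter.
function render_error(string $error): string
{
    return '<p class="error">'
        . htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</p>';
}

echo render_unescaped($result), "\n";
echo render_escaped($result), "\n";
echo render_error('Lookup failed for <b>AS64496</b>'), "\n";
```

Run it from the command line and compare the two `<pre>` blocks: only the first still contains a live `<style>` element.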
