我的tinymce编辑器的HTML清理
[英]HTML sanitizing for my tinymce editor
问题描述
I already have read a question about this here ... Now I know, that there are many libs, which allow me to sanitize my string... 
我已经在这里阅读了有关此问题的信息...现在,我知道有很多库可以让我对字符串进行清理...
The Problem 问题
I use the TinyMCE editor for every text input on my website. 我在网站上输入的每个文本都使用TinyMCE编辑器。 Users can use HTML tags like <b> , <li> , <ol> , <p> and so on. 用户可以使用HTML标记,例如<b> , <li> , <ol> , <p>等。
I don't want to "allow" cross side scripting on my website, so I need a tool, which can filter the "bad" tags :) 我不想在网站上“允许”跨脚本编写,因此我需要一个工具,该工具可以过滤“不良”标签:)
I want to use it like $string = sanitize($string) . 我想像$string = sanitize($string)这样使用它。 It doesn't have to be exactly like this, but it should be easy to use ^^ 不一定完全是这样,但是应该很容易使用^^
I already read about such tools, but I'm not sure which one is the best ... 我已经读过有关此类工具的信息,但是我不确定哪一种是最好的...
Suggestions would be great :) 建议会很棒:)
1 个解决方案
解决方案1
0 2016-05-06 18:14:11
You must do this check on the server side. 您必须在服务器端执行此检查。 It looks like your's is PHP (or Perl?). 看起来您的是PHP(或Perl?)。 See this: Sanitizing HTML input 请参见: 清理HTML输入
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.