[英]HTML sanitizing for my tinymce editor
I already have read a question about this here ... Now I know, that there are many libs, which allow me to sanitize my string... 我已经在这里阅读了有关此问题的信息...现在,我知道有很多库可以让我对字符串进行清理...
The Problem 问题
I use the TinyMCE editor for every text input on my website. 我在网站上输入的每个文本都使用TinyMCE编辑器。 Users can use HTML tags like
<b>
, <li>
, <ol>
, <p>
and so on. 用户可以使用HTML标记,例如
<b>
, <li>
, <ol>
, <p>
等。
I don't want to "allow" cross side scripting on my website, so I need a tool, which can filter the "bad" tags :) 我不想在网站上“允许”跨脚本编写,因此我需要一个工具,该工具可以过滤“不良”标签:)
I want to use it like $string = sanitize($string)
. 我想像
$string = sanitize($string)
这样使用它。 It doesn't have to be exactly like this, but it should be easy to use ^^ 不一定完全是这样,但是应该很容易使用^^
I already read about such tools, but I'm not sure which one is the best ... 我已经读过有关此类工具的信息,但是我不确定哪一种是最好的...
Suggestions would be great :) 建议会很棒:)
You must do this check on the server side. 您必须在服务器端执行此检查。 It looks like your's is PHP (or Perl?).
看起来您的是PHP(或Perl?)。 See this: Sanitizing HTML input
请参见: 清理HTML输入
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.