How can I safely render user-inputted HTML and remove javascript? How do Gmail, Yahoo Mail and the other big players on the internet safely render email as HTML and scrub out malicious JavaScript?
Asked
Active
Viewed 825 times
0
-
2This is usually done server-side. – sabof Mar 07 '14 at 22:10
-
I have found this blog post to be pretty informative: http://www.floyd.ch/?p=761. Basically, there's no way we can guarantee security. And to the moderators that marked this question as a duplicate, YOU'RE MISTAKEN. – burnt1ce Mar 08 '14 at 17:34
1 Answers
0
USE THE function strip_tags() from php WHEN YOU GET THE value of post or get in the server side you can strip it out.
user3173819
- 62
- 7