XSS filtering function in PHP

前端未结

关注

 10  1640

轮回少年 2020-11-27 11:18

Does anyone know of a good function out there for filtering generic input from forms? Zend_Filter_input seems to require prior knowledge of the contents of the input and I\'

10条回答

北海茫月 (楼主)

2020-11-27 11:36

According to www.mcafeesecure.com General Solution for vulnerable to cross-site scripting (XSS) filter function can be:

function xss_cleaner($input_str) {
    $return_str = str_replace( array('<','>',"'",'"',')','('), array('<','>',''','"',')','('), $input_str );
    $return_str = str_ireplace( '%3Cscript', '', $return_str );
    return $return_str;
}

0 讨论(0)

查看其它10个回答