Target | News |
Subject | HTMLPurifier |
Summary | WYSIWYG Editors require "allow HTML" for the system.But it must invite "Script Insertion" attacks easily.kentauls told me HTMLPurifier.http://htmlpurifier.org/It looks great especially smoketest for XSS.You should know HTMLPurifier can work with PHP5 o... |
I thought HTMLPurifier should work not only with PHP5 because I found two different zip files in the download section of their website (http://htmlpurifier.org/download.html); "HTML Purifier 2.1.2 PHP5-strict" and the other one not with PHP5-strict.