PEAK XOOPS - Re: Re: HTMLPurifier 
Re: Re: HTMLPurifier
| Target | News |
| Subject | HTMLPurifier |
| Summary | WYSIWYG Editors require "allow HTML" for the system.But it must invite "Script Insertion" attacks easily.kentauls told me HTMLPurifier.http://htmlpurifier.org/It looks great especially smoketest for XSS.You should know HTMLPurifier can work with PHP5 o... |
Re: Re: HTMLPurifier
msg# 1.1.1
- depth:
- 2
GIJOE
Posts: 4110
Posts: 4110
hi kentauls.
Quote:
No. I use the latter, of course.
If we run the "strict version" with PHP4, it must raise "fatal errors".
(PHP4 never allows 'private' etc.)
Anyway, the lifetime of PHP4 will be ended soon.
This problem will be non-sense
Quote:
I thought HTMLPurifier should work not only with PHP5 because I found two different zip files in the download section of their website (http://htmlpurifier.org/download.html); "HTML Purifier 2.1.2 PHP5-strict" and the other one not with PHP5-strict.
No. I use the latter, of course.
If we run the "strict version" with PHP4, it must raise "fatal errors".
(PHP4 never allows 'private' etc.)
Anyway, the lifetime of PHP4 will be ended soon.
This problem will be non-sense
Votes:1
Average:10.00
Posts tree
-
Re: HTMLPurifier
(suico, 2007/9/21 1:56)
-
Re: Re: HTMLPurifier
(kentauls, 2007/9/21 7:11)
-
Re: Re: HTMLPurifier
(GIJOE, 2007/9/22 17:39)
-
-
Re: Re: HTMLPurifier
(kentauls, 2007/9/25 16:19)
-
Re: Re: HTMLPurifier
(GIJOE, 2007/9/27 16:57)
-
-
Login