in reply to Regex: Strip <script> tags?
I personally enjoy HTML::Scrubber.
It allows you to create a pretty detailed profile of what HTML you want allowed/disallowed.
From the docs:
(Turns out JavaScript is turned off by default. See the script method for more info.)
#!/usr/bin/perl -w use HTML::Scrubber; use strict; + # my $html = q[ <style type="text/css"> BAD { background: #666; color: #666;} </st +yle> <script language="javascript"> alert("Hello, I am EVIL!"); </sc +ript> <HR> a => <a href=1>link </a> br => <br> b => <B> bold </B> u => <U> UNDERLINE </U> ]; + # my $scrubber = HTML::Scrubber->new( allow => [ qw[ p b i u hr br ] + ] ); # + # print $scrubber->scrub($html); + # + # $scrubber->deny( qw[ p b i u hr br ] ); + # + # print $scrubber->scrub($html); + #
Hope this helps!
|
|---|