in reply to Form Security
```perl
$string =~ s/\</\&lt\;/g;
$string =~ s/\>/\&gt\;/g;
$string =~ s/[\"\'\}\{\)\(\+]//g;                      # Why???
$string =~ s/<!(?:--[\s\S]*?--\s*)?>\s*//g;              # Never matches
$string =~ s/[\~\^]//g;                                  # Why???
$string =~ s/~!/ ~!/g;                                   # Why???
$string =~ s/<*(javascript)[^>]+>//gi;                   # Never matches
$string =~ s/(<[\s\/]*)(script\b[^>]*>)/$1x$2/gi;        # Never matches
$string =~ s/<*(iframe)[^>]+>//gi;                       # Never matches
$string =~ s/<*(script)[^>]+>//gi;                       # Never matches
```
Those that never match don't match because < and > have been replaced. I didn't look at how useful they are by themselves.
You escape only two of the three HTML chars that differentiate text from HTML (<, > and &).
You convert text to HTML, but you remove all formatting (by not adding <pre> or some alternative). It may make for unreadable text.
\Y\o\u \a\l\s\o \h\a\v\e \w\a\a\a\a\a\y \t\o\o \m\a\n\y \"\\\"\!
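To make the two points above concrete, here is an added example (not code from the original poster or from the reply): a paraphrase of the escape-then-strip order, alongside a text-to-HTML conversion that escapes all of `&`, `<`, `>` and the quote characters and keeps the user's line breaks. The subroutine names and the sample input are mine.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Paraphrase of the poster's ordering: '<' and '>' are replaced first,
# so a later pattern that looks for a literal '<script' can never match.
# The result is safe as text anyway, because the '<' is already gone.
sub escape_then_strip {
    my ($s) = @_;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/<\s*script\b[^>]*>//gi;   # dead rule: no '<' survives to here
    return $s;
}

# Text-to-HTML conversion for element content and attribute values.
# '&' goes first; doing it later would mangle the entities produced
# by the other substitutions (e.g. '&lt;' would become '&amp;lt;').
sub html_escape {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    $s =~ s/'/&#39;/g;
    return $s;
}

# Wrap in <pre> so newlines and runs of spaces stay readable instead of
# collapsing into one line when the browser renders the page.
sub text_to_html {
    my ($s) = @_;
    return '<pre>' . html_escape($s) . '</pre>';
}

# Constructed sample input: a tag, a bare ampersand, both quote styles
# and a line break.
my $input = "<script>alert(1)</script> & Tom's \"quoted\" text\nsecond line";

print "escape-then-strip : ", escape_then_strip($input), "\n";
# -> &lt;script&gt;alert(1)&lt;/script&gt; & Tom's "quoted" text
#    (the strip rule changed nothing; '&' and quotes pass through)

print "text_to_html      : ", text_to_html($input), "\n";
# -> <pre>&lt;script&gt;alert(1)&lt;/script&gt; &amp; Tom&#39;s &quot;quoted&quot; text
#    second line</pre>
```

In practice the hand-rolled `html_escape` can be replaced by `encode_entities` from the CPAN module HTML::Entities, which escapes `&`, `<`, `>` and `"` by default; the ordering lesson is the same either way: escape once, completely, on output, rather than trying to recognise and delete dangerous tags afterwards.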