Quietly has asked for the wisdom of the Perl Monks concerning the following question:

Monks of Perl, I am wondering about the practicality, efficiency, and overall efficacy of HTML::Defang in removing malicious code from HTML.

If anyone has personal experience with it in a production environment, I'd especially like to know your opinion.

My gratitude, in advance.

Updated this node with more linkage as per ikegami's post.

Replies are listed 'Best First'.
Re: Is HTML::Defang the path to clean HTML
by Your Mother (Archbishop) on Aug 18, 2009 at 19:42 UTC

    The module may actually work well but using regexes instead of a parser is a strong indication that it's got bad/surprise edge cases etc, etc. XML::LibXML and HTML::TokeParser::Simple are a bit more verbose to use but they are easy (once you get the hang of them), robust, and fast.
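
An added example, not part of the thread and not code from any module named in it: a parser-based allowlist filter built on HTML::TokeParser::Simple, run next to a generic tag-stripping regex (not HTML::Defang's implementation) on a constructed input whose attribute value contains `>`. The allowlist, the `sanitize` function and the sample string are assumptions made for the illustration.

```perl
use strict;
use warnings;
use HTML::TokeParser::Simple;
use HTML::Entities qw(encode_entities decode_entities);

# Constructed allowlist: tag name => attributes that may be kept.
my %ALLOWED = (
    a => { href => 1, title => 1 },
    b => {}, i => {}, em => {}, strong => {}, p => {}, br => {},
);

sub sanitize {
    my ($html) = @_;
    my $p    = HTML::TokeParser::Simple->new( \$html );
    my $out  = '';
    my $skip = 0;    # non-zero while inside <script> or <style>
    while ( my $t = $p->get_token ) {
        if ( $t->is_start_tag ) {
            my $tag = lc $t->get_tag;
            if ( $tag eq 'script' or $tag eq 'style' ) { $skip++; next }
            next if $skip or !$ALLOWED{$tag};
            my $attr = $t->get_attr;    # hash ref, values already entity-decoded
            $out .= "<$tag";
            for my $name ( @{ $t->get_attrseq } ) {
                next unless $ALLOWED{$tag}{ lc $name };
                my $val = $attr->{$name} // '';
                # href must start with an allowed scheme or be a local reference
                next if lc $name eq 'href'
                    and $val !~ m{\A(?:https?://|mailto:|/|\#)}i;
                $out .= sprintf ' %s="%s"', lc $name, encode_entities( $val, '<>&"' );
            }
            $out .= '>';
        }
        elsif ( $t->is_end_tag ) {
            ( my $tag = lc $t->get_tag ) =~ s{^/}{};    # tolerate a leading slash
            if ( $tag eq 'script' or $tag eq 'style' ) { $skip-- if $skip; next }
            $out .= "</$tag>" if !$skip and $ALLOWED{$tag};
        }
        elsif ( $t->is_text ) {
            # normalise entities, then re-encode so text can never open a tag
            $out .= encode_entities( decode_entities( $t->as_is ), '<>&"' ) unless $skip;
        }
        # comments, declarations and processing instructions are dropped
    }
    return $out;
}

# Constructed input: quoted attribute value containing '>' plus an event handler.
my $input = q{<p>See <a href="/docs" title="1 > 0" onclick="track()">the docs</a><script>x()</script></p>};
( my $naive = $input ) =~ s/<[^>]*>//g;    # generic tag-stripping regex
print "regex : $naive\n";
print "parser: ", sanitize($input), "\n";
```

The regex ends the `<a>` tag at the first `>` inside the `title` value, so the rest of the attribute list and the script body survive as text, while the tokenizer sees a single start tag and only allowlisted attributes are re-emitted.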

Re: Is HTML::Defang the path to clean HTML (link to module)
by ikegami (Patriarch) on Aug 18, 2009 at 17:59 UTC