Column01/index.html

## index.html
<html>
	<head>
		<title>Simple login</title>
		<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js">  </script>
	</head>
	<body>
		<script>
			function validateForm() {
			var form = document.forms['testform'];
			console.log(form)
			const script = /(script)/gmi;
			// Take the user and pass from the form and run the anti XSS stuff
			var user = stripXssMethods(form[0].value);
			var pass = stripXssMethods(form[1].value);
			stripErroredImages()
			if(user && pass) {
				console.log(user + " logged in with the password: " + pass)
				document.getElementById("output").innerHTML = "Welcome, " + user + ". We are glad to see you!"
			} else {
				document.getElementById("output").innerHTML = "You must provide a username and password to login."
			}
		}

		function stripScripts(s) {
			var re = /(script)/gm;
			w = s.replace(re, "");
			// Check if the string contains "script" and if it doesn't, return it. If it does, keep running until all are removed.
			if (!re.test(s)){
				return s
			} else {
				return stripScripts(w)
			}
		}

		function stripOnError(s) {
			var re = /(onerror)/gm;
			w = s.replace(re, "");
			if (!re.test(s)) {
				return s
			} else {
				return stripOnError(w)
			}
		}

		function stripXssMethods(s) {
			var re = /(onerror)/gm;
			// test for on error and if it is present, strip that first. If it isn't, strip the script tags first
 			if (re.test(s)) {
				return stripScripts(stripOnError(s))
			} else {
				return stripOnError(stripScripts(s))
			}
		}

		function stripErroredImages() {
			$("img").error(function() {
				// Get id of image
			  	var id = $(this).attr('id');
			  	// Remove image
			  	$(this).remove();
			  	// Remove title
			  	$("#"+id+"title").empty();
			});
		}

		</script>
		<h1>Sample user login Form</h1>
		<p id="output"></p>
		<form id="testform">
			Username: <br />
			<input type="TEXT" id="user" size="40">
			<br />
			Password: <br />
			<input type="password" id="password" size="40">
			<br />
			<input type="button" id="btn" value="Submit" onclick="validateForm();">
		</form>
	</body>
</html>
	<html>
	<head>
	<title>Simple login</title>
	<script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"> </script>
	</head>
	<body>
	<script>
	function validateForm() {
	var form = document.forms['testform'];
	console.log(form)
	const script = /(script)/gmi;
	// Take the user and pass from the form and run the anti XSS stuff
	var user = stripXssMethods(form[0].value);
	var pass = stripXssMethods(form[1].value);
	stripErroredImages()
	if(user && pass) {
	console.log(user + " logged in with the password: " + pass)
	document.getElementById("output").innerHTML = "Welcome, " + user + ". We are glad to see you!"
	} else {
	document.getElementById("output").innerHTML = "You must provide a username and password to login."
	}
	}

	function stripScripts(s) {
	var re = /(script)/gm;
	w = s.replace(re, "");
	// Check if the string contains "script" and if it doesn't, return it. If it does, keep running until all are removed.
	if (!re.test(s)){
	return s
	} else {
	return stripScripts(w)
	}
	}

	function stripOnError(s) {
	var re = /(onerror)/gm;
	w = s.replace(re, "");
	if (!re.test(s)) {
	return s
	} else {
	return stripOnError(w)
	}
	}

	function stripXssMethods(s) {
	var re = /(onerror)/gm;
	// test for on error and if it is present, strip that first. If it isn't, strip the script tags first
	if (re.test(s)) {
	return stripScripts(stripOnError(s))
	} else {
	return stripOnError(stripScripts(s))
	}
	}

	function stripErroredImages() {
	$("img").error(function() {
	// Get id of image
	var id = $(this).attr('id');
	// Remove image
	$(this).remove();
	// Remove title
	$("#"+id+"title").empty();
	});
	}

	</script>
	<h1>Sample user login Form</h1>
	<p id="output"></p>
	<form id="testform">
	Username: <br />
	<input type="TEXT" id="user" size="40">
	<br />
	Password: <br />
	<input type="password" id="password" size="40">
	<br />
	<input type="button" id="btn" value="Submit" onclick="validateForm();">
	</form>
	</body>
	</html>