afzafri/strip_scripts.php

Created January 17, 2020 01:43

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/afzafri/73abed3dbc9c208eacf717ec0a25b3ed.js"></script>
Save afzafri/73abed3dbc9c208eacf717ec0a25b3ed to your computer and use it in GitHub Desktop.

Download ZIP

Replace all occurrences of JS script tags in string. Quick way but not the best to prevent XSS

Raw

strip_scripts.php

	<?php
	$attack = "<script>alert('boom');</script>";
	$sanitized = preg_replace('#<script(.?)>(.?)</script>#is', '', $attack);
	echo $sanitized;
	?>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment