Cure53 cure53
-
Fine penetration tests for fine websites
- Berlin
- Sign in to view email
- https://cure53.de
cure53
/ XSS Protection in 5 common contexts
Created Dec 15, 2016
— forked from soaj1664/XSS Protection in 5 common contexts
Per-Context Sanitizer Functions
View XSS Protection in 5 common contexts
| <?php | |
| /** | |
| * XSS protection function for HTML context only | |
| * @usecases | |
| * <title>use this function if output reflects here or as a content of any HTML tag.</title> | |
| * e.g., <span>use this function if output reflects here</span> | |
| * e.g., <div>use this function if output reflects here</div> | |
| * @description | |
| * Sanitize/Filter < and > so that attacker can not leverage them for JavaScript execution. |