jovialcore/fix-xss.php

## fix-xss.php
<?php

//Using php, Native approaches involve like htmlspecialchars() to escape special characters in the user input.
$Userdata;

$sanitized = htmlspecialchars($Userdata);
// output
echo " <p> Your data is:" . $sanitized . " </p>";


//CSP  (Content security policy) function, By using CSP Header with PHP
header("Content-Security-Policy: default-src 'self'");


        /** HTML Purifier library Approach **/

//require the  HTML Purifier library
require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php';

// instantiate
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);

// get user inputed data
$user_data = "<p>This is some <strong>dirty</strong> HTML.</p>";

// clean HTML input using HTML Purifier
$purified = $purifier->purify($user_data);

// print cleaned HTML
echo $purified;
	<?php

	//Using php, Native approaches involve like htmlspecialchars() to escape special characters in the user input.
	$Userdata;

	$sanitized = htmlspecialchars($Userdata);
	// output
	echo " <p> Your data is:" . $sanitized . " </p>";


	//CSP (Content security policy) function, By using CSP Header with PHP
	header("Content-Security-Policy: default-src 'self'");


	/ HTML Purifier library Approach /

	//require the HTML Purifier library
	require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php';

	// instantiate
	$config = HTMLPurifier_Config::createDefault();
	$purifier = new HTMLPurifier($config);

	// get user inputed data
	$user_data = "<p>This is some <strong>dirty</strong> HTML.</p>";

	// clean HTML input using HTML Purifier
	$purified = $purifier->purify($user_data);

	// print cleaned HTML
	echo $purified;