Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Xss Injection Post on
<a href='' onClick='javascript:alert("blabla");'>Click Me!</a>
* Allow only a couple of tags + Strip Slashes + Remove any attribute
* /
$almostSafeOutput = preg_replace(
strip_tags($toStrip, '<p><a><b><i><em><u><ul><li><ol><span><div>')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.