Rafael Steil wrote:Indeed.
Ideas of how can we solve this? I mean, there is a need to write a message parser to handle this situation.. ( or kinda ).
Rafael, I saw this thingie on freshmeat tonight:
http://freshmeat.net/releases/161504/
I think it's coded in C, but still, just for info.
SafeHTML 1.1.0
by kukutz - Sunday, May 23rd 2004 09:52 PDT
About: SafeHTML strips down all potentially dangerous content within HTML: opening tags without closing tags, closing tags without opening tags, a whole slew of other tags (�base�, �basefont�, �head�, �html�, etc.), some attributes (on*, data*, dynsrc, javascript:/vbscript:/about:, etc.), protocols, expression/behavior etc. in styles, and any other active content.
[originally posted on jforum.net by Daniil]