Chris Shiflett has a post today, Allowing HTML and Preventing XSS. The problem is how to allow users to format their contributed content without introducing security vulnerabilities. The answer is usually some sort of markup language or filtering and sanitization of HTML.
BBCODE was designed for this purpose. There is no actual standard, [...]
Professional PHP
PHP Programming, Web Development, PHP Advocacy and PHP Best Practices.
About
My name is Jeff Moore. I'm a PHP programmer living in San Francico and working for a startup.
Categories (Home)
- Agile Methods (14)
- Mac (14)
- Misc (18)
- Open Source (14)
- PHP (99)
- Software Design (29)
- Usability (14)
- Web Design (20)
Recent Comments
- Writing an XPath expression evaluator 7
JDM Cars, Alva Sisk, teeth falling out dream [...] - PHP Games 63
Furniture Manufacturers, Jason Pierre-Paul Jersey, Voncile Grizzel [...] - PDO versus MDB2 31
Morton Deliso, Marquis Valakas, Beatriz Elifritz [...] - Why PHP is easier to learn than Java 48
Betty Wager, Orville Kotrys, Esperanza Mcpeck [...] - Friendster wrapup: does MySQL scale 29
Clemente Michaux, Kandra Noriego, Earl Skowronski [...] - Enterprise PHP 42
Hoyt Origer, atomboygame, Luna Cerny [...] - Comparing PHP with other languages 38
polštinap?eklad, polštinap?eklad, php developer [...] - Looking Towards the Cloud 65
spin, Serina Doshier, Graciela Guisinger [...] - Working with PHP 5 in Mac OS X 10.5 (Leopard) 241
Rory Teich, Lady Gaga, Tommy Staude [...] - Richard Thomas 27
Hedwig Larcher, Carlos Cherenfant, Kurt Vagliardo [...]
- Writing an XPath expression evaluator 7
Site
Search
Feed
Subscribe to this blog…