Php regular expressions related to eregi_replace ("<(iframe | script) [^>] +>" ") can this replace malicious code?
Source: Internet
Author: User
Php regular expression problem eregi_replace (& quot; & lt; (iframe | script) [^ & gt;] + & gt; & quot;, & quot ;) can this replace malicious code? Php regular expression problem eregi_replace (& quot; & lt; (ifra php regular expression problem eregi_replace ("<(iframe | script) [^>] +> ","") can this replace malicious code?
Php regular expression problem eregi_replace ("<(iframe | script) [^>] +>", "") can this replace malicious code?
------ Solution --------------------
Yes, Javascript or VBScript code is filtered out. this is very important. iframe is filtered out to prevent others from embedding a framework in your web page, causing the visitor to be cheated.
------ Solution --------------------
There should be vulnerabilities. if someone else does not use the script method to call JS, such as a form In this way
------ Solution --------------------
Just test it by yourself. The best way is not to input htlm and use the html function of php.
Htmlentities
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.