PHP defends against XSS attacks, using methods and details to see http://www.tongqiong.com/read.php?tid-474.html
- function Remove_xss ($val) {
- Remove all non-printable characters. CR (0a) and LF (0b) and TAB (9) are allowed
- This prevents some character re-spacing such as
- Note that you had to handle splits with \ n, \ r, and \ t later since they *are* allowed in some inputs
- $val = Preg_replace ('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/', ' ', $val);
- Straight replacements, the user should never need these since they ' re normal characters
- This prevents like
- $search = ' abcdefghijklmnopqrstuvwxyz ';
- $search. = ' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';
- $search. = ' 1234567890!@#$%^&* () ';
- $search. = ' ~ ';:? +/={}[]-_|\ ' \ \ ';
- for ($i = 0; $i < strlen ($search); $i + +) {
- // ;? Matches the; which is optional
- 0{0,7} matches any padded zeros, which is optional and go up to 8 chars
- @ search for the hex values
- $val = Preg_replace ('/(&#[xx]0{0,8} '. Dechex (Ord ($search [$i])). /I ', $search [$i], $val); with A;
- @ @ 0{0,7} matches ' 0 ' zero to seven times
- $val = Preg_replace ('/(? { 0,8} '. Ord ($search [$i]). ';? ' /', $search [$i], $val); with A;
- }
- Http://www.tongqiong.com
- Now the only remaining whitespace attacks is \ t, \ n, and \ r
- $ra 1 = Array (' JavaScript ', ' VBScript ', ' expression ', ' applets ', ' meta ', ' xml ', ' blink ', ' link ', ' style ', ' script ', ' em Bed ', ' object ', ' iframe ', ' frame ', ' frameset ', ' ilayer ', ' layer ', ' bgsound ', ' title ', ' base ');
- $ra 2 = Array (' onabort ', ' onactivate ', ' onafterprint ', ' onafterupdate ', ' onbeforeactivate ', ' onbeforecopy ', ' Onbeforecut ', ' onbeforedeactivate ', ' onbeforeeditfocus ', ' onbeforepaste ', ' onbeforeprint ', ' onbeforeunload ', ' Onbeforeupdate ', ' onblur ', ' onbounce ', ' oncellchange ', ' onchange ', ' onclick ', ' oncontextmenu ', ' oncontrolselect ', ' Oncopy ', ' oncut ', ' ondataavailable ', ' ondatasetchanged ', ' ondatasetcomplete ', ' ondblclick ', ' ondeactivate ', ' Ondrag ', ' Ondragend ', ' ondragenter ', ' ondragleave ', ' ondragover ', ' ondragstart ', ' ondrop ', ' onerror ', ' onerrorupdate ', ' Onfilterchange ', ' onfinish ', ' onfocus ', ' onfocusin ', ' onfocusout ', ' onhelp ', ' onkeydown ', ' onkeypress ', ' onkeyup ', ' Onlayoutcomplete ', ' onload ', ' onlosecapture ', ' onmousedown ', ' onmouseenter ', ' onmouseleave ', ' onmousemove ', ' onMouseOut ', ' onmouseover ', ' onmouseup ', ' onmousewheel ', ' onmove ', ' onmoveend ', ' onmovestart ', ' onpaste ', ' Onpropertychange ', ' onreadystatechange ', ' onreset ', ' onresize ', ' onresizeend ', ' onresizestart ', ' onrowent 'Er ', ' onrowexit ', ' onrowsdelete ', ' onrowsinserted ', ' onscroll ', ' onselect ', ' onselectionchange ', ' onselectstart ', ' OnStart ', ' onstop ', ' onsubmit ', ' onunload ');
- $ra = Array_merge ($ra 1, $ra 2);
- $found = true; Keep replacing as long as the previous round replaced something
- while ($found = = True) {
- $val _before = $val;
- for ($i = 0; $i < sizeof ($RA); $i + +) {
- $pattern = '/';
- for ($j = 0; $j < strlen ($ra [$i]); $j + +) {
- if ($j > 0) {
- $pattern. = ' (';
- $pattern. = ' (&#[xx]0{0,8} ([9ab]);) ';
- $pattern. = ' | ';
- $pattern. = ' | (? {0,8} ([9|10|13]);) ';
- $pattern. = ') * ';
- }
- $pattern. = $ra [$i] [$j];
- }
- $pattern. = '/I ';
- $replacement = substr ($ra [$i], 0, 2). ' '. substr ($ra [$i], 2);//Add in <> to nerf the tag
- $val = Preg_replace ($pattern, $replacement, $val); Filter out the hex tags
- if ($val _before = = $val) {
- No replacements were made, so exit the loop
- $found = false;
- }
- }
- }
- return $val;
- }
Copy Code |
