Reply to Re: how to check for "a href=" in a string — PHP Programming Language

Posted by FFMG on 01/24/07 06:58

On Jan 23, 8:23 pm, Toby Inkster <usenet200...@tobyinkster.co.uk>
wrote:
> Veco wrote:
> > I want to block my users from submitting a string that includes link(s)
> > stated using a href=...What about...
>
> <a target="_self" href="...">
>

I don't know about others, but in my case anything with '<a' in the
message is rejected.

I understand that this is a bit extreme, but in my case I cannot really
see why they would want to post links in the first place, (when they
are told not to do it!), or the characters '<a'.

I test for '<a' after my normal XSS check that would have rejected the
message anyway.

Simon

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация