HTMLPurifier, check the whole HTML document

Question

HTMLPurifier, check the whole HTML document

I am using HTMLPurifier to validate XSS throughout an HTML document. The problem is that it seems to highlight everything that is not inside the tags <body>. But I want to save everything, just looking at serious XSS attacks.

Any ideas on how to resolve the <HTML>, <HEAD>, <META>etc.

+3

html php htmlpurifier

David Oct 2 '09 at 12:37

source share

3 answers

, XSS, "head".

0

Rich Bradshaw 02 . '09 12:42

HTML , ( "div" ). "span" . "" "html".

0

TRiG 02 . '09 15:20

Anthony · Accepted Answer · 2009-10-02T12:49:33+0000

David, I just searched the HTMLPurifier support forum and saw that you were busy.

But perhaps you missed a message from a few months ago that addresses your exact problem , in particular the answer:

() HTML Purifier 5.x series; HTML-.

DTD .

HTMLPurifier, check the whole HTML document

More articles: