Actions
Feature #19600
closedImprovement of removeXSS
Start date:
2008-11-12
Due date:
% Done:
0%
Estimated time:
PHP Version:
5.2
Tags:
Complexity:
Sprint Focus:
Description
The removeXSS-script used had some lacks. It replaced tags in normal text which prevents most from using this script.
Jigal did some improvements and i reformatted to CGL and tested.
These changes are done:
- bugfixes in regexps
- optimizations
- quickscan for keywords to speed up the function when no potential threats
- regexps specific for different type of keywords to reduce false positives
- configurable "tag replaceString"
(issue imported from #M9778)
Files
Actions