Strip javascript only from richtext form. How?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Strip javascript only from richtext form. How?

Post by jmut »

Hi devs,
I am stuck with tinymce legacy code. What I see there is that security lacks big time. I'd like to strip any javascript thingy inside.
I kinda doubt this topic is not addressed in genral but google doesn't give much exact/nice results.
Wonder if anyone have advise on my issue. At first sight I am thinking to just strip any <javascript thingy but that would be too naive.
Cheers.
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Re: Strip javascript only from richtext form. How?

Post by jmut »

This might actually be better suited for security. Sorry for that.
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Re: Strip javascript only from richtext form. How?

Post by jmut »

I wonder if HTML Purifier is suitable for this? Anyone used it as such tool.
Post Reply