Frage
I am looking for an easy and quick to install way to sanitize markdown in PHP.
I don't need an ultimate robust solution (as answers I saw in other questions) just something simple filtering the most dangerous tags (for example filtering the script tag among other things).
Is there such a thing that exists? Maybe a regex but I don't know what I need to filter.
I currently have the markdown sanitizer on the client side, but I need something on the PHP side or XSS will come in the way...
Lösung 2
Ok so initially I read this question in which people answered about HTML purifier, but saying that it took a day to configure. For me it was too long for a small project.
But I actually tried it and the default installation took me less than five minutes and work just fine. So, HTML purifier is the way to go, even if you don't have much time.
Andere Tipps
There's a couple of easy ways (not 100% secure but decent stop-gaps). strip_tags will remove all HTML tags and htmlentities will replace the characters that make up HTML tags
https://stackoverflow.com/questions/20447615
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian