HTML sanitization: Difference between revisions

The htmlspecialchars() function does not sanitize HTML, it merely escapes characters with a special meaning in HTML such as <, >, &, and quotes.
No edit summary
Line 10:
In [[Java (programming language)|Java]] (and [[.NET Framework|.NET]]), sanitization can be achieved by using the [[OWASP]] Java HTML Sanitizer Project.<ref>https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project</ref>
 
In [[.NET Framework|.NET]], a number of sanitizers use the Html Agility Pack, aan HTML parser.<ref>http://htmlagilitypack.codeplex.com/</ref><ref>http://eksith.wordpress.com/2011/06/14/whitelist-santize-htmlagilitypack/</ref>
 
== See also ==
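Review bot: the .NET sentence in the context under "Line 10:" reads "aan HTML parser", a typo for "an HTML parser" that could be fixed in the same edit. The Java sentence above it says "(and .NET)" although the next sentence treats .NET separately, so either drop the parenthetical or add a source showing that the OWASP Java HTML Sanitizer applies to .NET. All three references are bare URLs; giving each a title and access date would help if the links go stale.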