I have been working with the regular expression:
<+script.*?.*<\/script>
It seem to do a good job removing script tags.
Wondering if anyone knows if there is someway someone can bypass this script? Would this remove all harmful script? I have been testing, which the script tag arrangement that I tested. this regular expression successfully removed the script.
However there are a lot of different combinations, and I am wondering if anyone know a script tag combination this regular expression would fail?
No comments:
Post a Comment