Antigen forwarded attachment

The entire message "RE: Preventing cross site scripting", originally sent to you by Mutallip Ablimit (mutax@insi.co.jp), has been forwarded to you from the Antigen Quarantine area. This message may have been re-scanned by Antigen and handled according to the appropriate scan job's settings.

<<Entire Message.eml>>

attached mail follows:

Yes, replace all of the unacceptable tags with "", it will work fine. And for a plus,
PHP has a strip_tags() function.
Didn't have tried yet, but I think it could be used to remove all unacceptable tags.
In this case, may be you have to make a list of all allowed tags.

strip_tags($Text, "<allowed tag>");

This will only allows the "<allowed tag>".

Regards,

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

-----Original Message-----
From: David Cameron [mailto:dcameron@itis-now.com] Sent: Friday, June 20, 2003 10:51 AM
To: Andrew Beverley; webappsec@securityfocus.com Subject: RE: Preventing cross site scripting

Create a list of unacceptable tags in an array (eg applet, embed), loop through the array and generate a regexpr based on the array, something of the form:
<(applet)|(embed).?> and replace all instances with "".

Do the same for any possible closing tags ie: </(applet)|(embed)> and replace all instances with "".

BTW the RegExpr may be wrong, I'm not all that hot on RegExprs, but you get the idea.

regards
David Cameron
nOw.b2b
dcameron@itis-now.com

> -----Original Message-----

>
>

>

>

>

>

>

>
>
>
>
>