| CPAN Ratings (Gamma) HTML-StripScripts-Parser reviews | |
| Home | Search | About | Login |
RSS | Module Info | Add a review of HTML-StripScripts-Parser
6 out of 6 found this review helpful:
UPDATE - I am now a maintainer for this module, and as of version 0.99, I have added the Rules option which makes it much easier to customise
---------------------------------------------------------------
Original comment re version 0.6:
I am more and more impressed with this module. It handles the case of accepting HTML from a user, processing it, correcting problems like incorrectly nested tags and removing anything that isn't specifically allowed. It seems to recognise all of the XSS exploits on RSnake's http://ha.ckers.org/xss.html.
The one negative comment I would make about it is that altering the default configuration is not as simple as it should be. The config is stored in hard-coded hashes, and there is no mechanism for merging only your changes into the existing config.
I dumped the hashes into YAML and subclassed the module to use the YAML as the source, but it could be simpler than this.
Clinton Gormley - 2007-05-31 02:00:04
Was this review helpful to you?
Yes
No
|
Perl.org sites
: bugs
| dev
| history
| jobs
| learn
| lists
| use
© Copyright 2002-2008 The Perl FoundationSite Information and Contacts |
|