HTML-Detoxifier reviews

cpanratings
 

RSS | Module Info | Add a review of HTML-Detoxifier

HTML-Detoxifier (0.02) **

This module seems nicely constructed and documented, but I wouldn't use it for XSS protection. Choosing the 'dynamic' option would lead you to believe that all JavaScript would be covered, but I don't believe it covers in-line JavaScript, like <img src="javascript:foo()">.

Mark Stosberg - 2009-04-03T04:51:08 (permalink)

3 out of 3 found this review helpful. Was this review helpful to you?  Yes No

HTML-Detoxifier (0.02) *****

Nice module, it works very well, as well as HTML::Scrubber (both are way more accurate than HTML::Strip).
Contrary to HTML::Scrubber, it offers a functional interface instead of an OO interface. HTML::Scrubber also permits a finer grain control over the tags to allow/disallow, while this module groups them by category (though most of the times this is perfectly appropriate, sufficient and even easier to deal with).

Emanuele Zeppieri - 2006-02-15T20:31:52 (permalink)

6 out of 7 found this review helpful. Was this review helpful to you?  Yes No