RSS | Module Info | Add a review of HTML-Detoxifier

2 out of 2 found this review helpful:

HTML-Detoxifier (0.02) **

This module seems nicely constructed and documented, but I wouldn't use it for XSS protection. Choosing the 'dynamic' option would lead you to believe that all JavaScript would be covered, but I don't believe it covers in-line JavaScript, like <img src="javascript:foo()">.

Mark Stosberg - 2009-04-03 04:51:08
Was this review helpful to you?  Yes No

6 out of 7 found this review helpful:

HTML-Detoxifier (0.02) *****

Nice module, it works very well, as well as HTML::Scrubber (both are way more accurate than HTML::Strip).
Contrary to HTML::Scrubber, it offers a functional interface instead of an OO interface. HTML::Scrubber also permits a finer grain control over the tags to allow/disallow, while this module groups them by category (though most of the times this is perfectly appropriate, sufficient and even easier to deal with).

Emanuele Zeppieri - 2006-02-15 20:31:52
Was this review helpful to you?  Yes No


Perl.org sites : bugs | dev | history | jobs | learn | lists | use
© Copyright 2002-2010 The Perl Foundation
Site Information and Contacts
root: (Vh | Vc)
the camel