HTML-StripScripts-Parser reviews

RSS | Module Info

HTML-StripScripts-Parser (0.991) *****

UPDATE - I am now a maintainer for this module, and as of version 0.99, I have added the Rules option which makes it much easier to customise
Original comment re version 0.6:

I am more and more impressed with this module. It handles the case of accepting HTML from a user, processing it, correcting problems like incorrectly nested tags and removing anything that isn't specifically allowed. It seems to recognise all of the XSS exploits on RSnake's

The one negative comment I would make about it is that altering the default configuration is not as simple as it should be. The config is stored in hard-coded hashes, and there is no mechanism for merging only your changes into the existing config.

I dumped the hashes into YAML and subclassed the module to use the YAML as the source, but it could be simpler than this.