17Feb

Overcome XSS scripting or cross site scripting

Posted by behnish on in PHP

Just paste this code in a header file which is included in the site. You can exclude the fields like description while filtering the POST And GET.


foreach ($_GET as $key => $value) {
$_GET[$key] = strip_tags($value);
}

foreach ($_POST as $key => $value) {
$_POST[$key] = strip_tags($value);
}

foreach ($_SERVER as $key => $value) {
$_SERVER[$key] = strip_tags($value);
}

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Powered by WP Hashcash

bottombar