Jyxo\Html::removeDangerous PHP Method

Html Class Documentation Datei anzeigen Open project: jyxo/php

removeDangerous() public static method

Removes possibly dangerous attributes that could contain XSS code from the HTML source.
public static removeDangerous ( string $html ) : string
$html string HTML source code
return string 
    public static function removeDangerous(string $html) : string
    {
        static $dangerous = ['~\\s+href="javascript[^"]*"~i', '~\\s+src="javascript[^"]*"~i', '~\\s+href="data:[^"]*"~i', '~\\s+src="data:[^"]*"~i'];
        return preg_replace($dangerous, '', $html);
    }
Html
__construct
blockquoteToText
fromText
getBody
is
linkFromText
linkToText
listToText
removeAttributes
removeDangerous
removeInnerTags
removeJavascriptEvents
removeRemoteImages
removeTags
repair
toText