Microweber\Utils\lib\XSSSecurity::doNeverAllowed PHP Метод

    protected function doNeverAllowed($str)
    {
        $never = ['document.cookie' => '[removed]', 'document.write' => '[removed]', '.parentNode' => '[removed]', '.innerHTML' => '[removed]', '-moz-binding' => '[removed]', '<!--' => '&lt;!--', '-->' => '--&gt;', '<![CDATA[' => '&lt;![CDATA[', '<comment>' => '&lt;comment&gt;'];
        $str = str_replace(array_keys($never), $never, $str);
        $regex = ['javascript\\s*:', '(document|(document\\.)?window)\\.(location|on\\w*)', 'expression\\s*(\\(|&\\#40;)', 'vbscript\\s*:', 'wscript\\s*:', 'jscript\\s*:', 'vbs\\s*:', 'Redirect\\s+30\\d', "([\"'])?data\\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"];
        foreach ($regex as $val) {
            $str = preg_replace('#' . $val . '#is', '[removed]', $str);
        }
        return $str;
    }