How to prevent XSS with HTML/PHP?

0 votes
How do I prevent XSS (cross-site scripting) using just HTML and PHP?
Apr 1 in PHP by kartik
• 11,290 points
34 views

1 answer to this question.

0 votes

Hello,

HTML Encoding

htmlspecialchars will convert any "HTML special characters" into their HTML encodings, meaning they will then not be processed as standard HTML. To fix our previous example using this method:

<?php
echo '<div>' . htmlspecialchars($_GET['input']) . '</div>';
// or
echo '<div>' . filter_input(INPUT_GET, 'input', FILTER_SANITIZE_SPECIAL_CHARS) . '</div>';

Would output:

<div>&lt;script src=&quot;http://example.com/runme.js&quot;&gt;&lt;/script&gt;</div>

Everything inside the <div> tag will not be interpreted as a JavaScript tag by the browser, but instead as a simple text node. The user will safely see:

<script src="http://example.com/runme.js"></script>

Thank you!!

answered Apr 1 by Niroj
• 22,790 points

Related Questions In PHP

0 votes
1 answer

How to detect search engine bots with php?

Hello, You can checkout if it's a search ...READ MORE

answered Apr 20 in PHP by Niroj
• 22,790 points
61 views
0 votes
1 answer

How to convert from MySQL datetime to another format with PHP?

Hello, To convert a date retrieved from MySQL ...READ MORE

answered May 19 in PHP by Niroj
• 22,790 points
25 views
0 votes
1 answer

How to validate E-mail and URL of Php form?

hey, The code below shows a simple way ...READ MORE

answered Feb 13 in PHP by manish
81 views
0 votes
1 answer

What is Php Mysql Database? How php connect to database?

Hello kartik, MySQL is the most popular database ...READ MORE

answered Feb 25 in PHP by Dey
90 views
0 votes
1 answer

How to make anchor tag with routing using Laravel?

Hey @kartik, First you have to go to ...READ MORE

answered Mar 18 in Laravel by Niroj
• 22,790 points
434 views
0 votes
1 answer

What is redirection in Laravel?

Named route is used to give specific ...READ MORE

answered Mar 18 in Laravel by Niroj
• 22,790 points
62 views
0 votes
1 answer

How to install Laravel via composer?

Hello, This is simple you just need to ...READ MORE

answered Mar 23 in Laravel by Niroj
• 22,790 points
64 views
0 votes
1 answer

What are named routes in Laravel and How can specify route names for controller actions?

Hey @kartik, Named routing is another amazing feature of ...READ MORE

answered Mar 23 in Laravel by Niroj
• 22,790 points
151 views
0 votes
1 answer

How to Validate Form Data With PHP?

Hey @kartik, The first thing we will do ...READ MORE

answered Feb 13 in PHP by Niroj
• 22,790 points
93 views
0 votes
1 answer

What is a Cookie? How to create Cookies With PHP?

A cookie is often used to identify ...READ MORE

answered Feb 13 in PHP by Niroj
• 22,790 points
106 views