Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vitaly Mironov2018-05-13 15:40:59
XSS
Vitaly Mironov, 2018-05-13 15:40:59

Protecting css from XSS?

Good day. How can I protect myself from any vulnerabilities when parsing a css file?
I'm parsing a css file from a file, and submitting from a textarea to an html form with syntax highlighting, where it gets executed. Just pasting <script>alert(1)</script>it gives 1. I could use htmlspecialchars, but it will corrupt the css structure and make it invalid.
What can be done in such a case?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
E
Evgeny Romashkan, 2018-05-13
@nor1m

php strip_tags. Strips tags from text along with content. (The tags are not checked for validity. Removes everything enclosed in <> </>). In theory, CSS shouldn't hurt.

Similar questions
X
XuMiX2011-10-29 08:57:02
Spam is coming from me. How? 9Reply
P
Page-Audit.ru2021-07-06 11:10:26
Why has Facebook disabled XSS protection? 1Reply
U
unspecified2011-12-06 14:42:11
IE8 XSS filter and Vkontakte buttons? 0Reply
D
Dreaded2018-05-16 13:56:37
Do I need to process data from GET requests somehow? 3Reply
H
Hazrat Hajikerimov2014-07-11 21:30:41
Is there a tutorial site about XSS and SQL injection? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question