How to prevent malicious scripting with Laravel when using WYSIWYG Editor?

Question

I'm developing an app in Laravel where the user inserts some information through a WYSIWYG Editor.

What's the best way to prevent malicious scripts when printing content?

Is there any way to only allow some HTML tags?

Look into http://htmlpurifier.org/. Not only will it let you control permitted tags, but it'll clean stuff up, you can whitelist attributes, CSS styles, etc. — ceejayoz, Dec 20 '17 at 19:09
Possible duplicate of [How can I allow WYSIWYG editors and disable XSS attacks using Laravel?](https://stackoverflow.com/questions/17314893/how-can-i-allow-wysiwyg-editors-and-disable-xss-attacks-using-laravel) — Dark Cyber, Dec 20 '17 at 19:11

score 0 · Answer 1 · answered Dec 21 '17 at 05:51

0

You can use strip_tags(). use the link for more info about strip_tags()

answered Dec 21 '17 at 05:51

1 Answers1