ngSanitize
Name | Description |
---|---|
$sanitize | The input is sanitized by parsing the HTML into tokens. All safe tokens (from a whitelist) are then serialized back to a properly escaped HTML string. This means that no unsafe input can make it into the returned string. However, because our parser is stricter than a typical browser parser, some obscure input that a browser would recognize as valid HTML may not make it through the sanitizer. The whitelist is configured using the functions |
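
The token-whitelist approach described above, as an added JavaScript example. It is a simplified illustration, not ngSanitize's source: `sanitize`, the tag and attribute lists and the URL pattern are assumptions, and entities in the input are not decoded, so they are re-escaped.

```javascript
// Added illustration; not ngSanitize's source. Tag/attribute lists are assumptions.
const SAFE_TAGS = new Set(['b', 'i', 'em', 'strong', 'p', 'ul', 'li', 'a']);
const SAFE_ATTRS = { a: new Set(['href', 'title']) };
const SAFE_URL = /^(?:https?:\/\/|mailto:)/i;
// Deliberately strict grammar: attributes are accepted only as name="value".
const TAG = /<(\/?)([a-z][a-z0-9]*)((?:\s+[a-z][a-z0-9-]*="[^"<>]*")*)\s*>/gi;
const ATTR = /([a-z][a-z0-9-]*)="([^"<>]*)"/gi;

const escapeText = (s) => s.replace(/&/g, '&amp;').replace(/</g, '&lt;')
  .replace(/>/g, '&gt;').replace(/"/g, '&quot;');

function sanitize(html) {
  const out = [];
  const open = [];                       // stack of open whitelisted tags
  let last = 0;
  for (const m of html.matchAll(TAG)) {
    // Everything between recognised tag tokens is text and gets escaped.
    out.push(escapeText(html.slice(last, m.index)));
    last = m.index + m[0].length;
    const [, closing, rawName, rawAttrs] = m;
    const name = rawName.toLowerCase();
    if (!SAFE_TAGS.has(name)) continue;  // tag token not on the whitelist: dropped
    if (closing) {
      // Emit a close tag only if it matches the innermost open tag.
      if (open[open.length - 1] === name) { open.pop(); out.push(`</${name}>`); }
      continue;
    }
    let attrs = '';
    for (const [, rawKey, value] of rawAttrs.matchAll(ATTR)) {
      const key = rawKey.toLowerCase();
      if (!(SAFE_ATTRS[name] || new Set()).has(key)) continue;  // e.g. onclick
      if (key === 'href' && !SAFE_URL.test(value)) continue;    // e.g. javascript:
      attrs += ` ${key}="${escapeText(value)}"`;
    }
    open.push(name);
    out.push(`<${name}${attrs}>`);
  }
  out.push(escapeText(html.slice(last)));
  while (open.length) out.push(`</${open.pop()}>`);  // close anything left open
  return out.join('');
}
```

An input such as `<b class=x>bold</b>` is valid to a browser but does not match the strict tag grammar, so it comes back as escaped text rather than markup, which is the trade-off the description mentions.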