What is the most effective way of sanitizing HTML emails displayed in a web application so that malicious code is not executable, but the html layout remains in tact?
An example of the desired functionality is the way gmail removes any script tags and delays image display.
I can use some naive regex tag stripper to try and secure the email as best I can, but what I'm looking for is a comprehensive filter that ideally sits between the client and pop server.
Does anyone have any insights into this problem?
I recommend you read the answers to Strict HTML Validation and Filtering in PHP, which asks the same question. HTML Purifier is a good starting point.
I suggest you something like http://htmlpurifier.org/ or if you use php: https://phpids.org/
Don't write your own regexp rules, they will fail! :)
To make some advertisement, if you use php, you can try my PHP Intrusion Prevention System, its Alpha but I need testers :)
http://ra23.net/wop/some_phpips/
Its a little Framework around phpids.
Related
I want to create a website which consists of videos which will be uploaded by the admin and many useful information which all will be uploaded by an admin.
I have got the domain name, remote LAMP server.
I have gone through many tutorials and I tired creating using Drupal 8. Website was fine but while creating a new existing module the whole thing got crashed and I don't want to goback and recover it since it is a big mess.
So I want to try from first keeping it very simple.
Kindly guide me to achieve this. I will put all my effort to learn it.
Any help any documents which will help me to create will be greatly accepted.
I am beginner in C++, html. Can you guys let me know how can I achieve in creating a website.
You can find your answer here on your own:
So there are various languages that are being used in the web that perform various purposed and hence you can choose what functionality do you need in your website and according to that you can write the code in that language.
Lets take a quick look at some of the most widely used languages of the web:
1: HTML
This is a Markup Language which can be used basically just for writing the content and displaying on your webpage. You can create too many pages and link them to form a website.
2: CSS
This language helps you design your webpage and thus makes your webpage look way too better. A site only written in html in not preferrable.
3: JavaScript
This language is a scripting language that helps you do various cool stuff like handling input events (like click, hover,etc), change the content of your webpage dynamically, bring popups , etc.
4: PHP
This scripting language is also being widely used as this lets you work with the forms and submit to a database. In fact, if you learn this language you can write the logic behind your own facebook and you can give it a face using HTML, CSS.
Once you are done learning all these languages, you can now learn some of the cool libraries like:
Bootstrap (for css, js)
Jquery (Javascript)
I want to develop an application that will visualize the recommendations of Google instant. It is for a course project and for now, I don't know much about web programming tools. What I wonder is that is it possible to retrieve that data from another web page. If you think it is possible and it is possible with which platform, could you please guide me to the correct direction?
Without more information on what you're actually trying to do, it's difficult to give a proper answer. From what I can understand, you just want a list of the auto-completed items from a Google search, to manipulate however you like?
In which case, using the highest-rated answer from here, you can use http://suggestqueries.google.com/complete/search?client=firefox&q=YOURQUERY to give you a JSON object which you can then manipulate to get the auto-complete results. The client= part is needed, but I haven't looked at various options you can put in there.
Personally, I've never used JSON before, so can't give you any help on how to go about parsing it, but you can find more information about it on the JSON website, and w3 website.
Will need to act like javascript or run a javascript engine OR a browser add on and communication with that add on.
What happens as you type is a javascript function is called. So you need to call this function in your own or mimic what it does. I guess it calls a web service/ web page form programamtically (ajax) with what you have typed. The server responds with the suggestions. Not very difficult as long as Google does not deny you if it realizes your not a browser. i think they like only 100 free API calls but you can google google about that.
Http Components in java will help calling the serice, with cookeis etc. You should use the dev tools on firefox to see what happens under the hood when you type in the google search bar and see the code.
Hi
I am creating a website using HTML and CSS only and I want to add the following feature:
Any person visiting the site should be able to post a message and that message should appear below with his name and time of posting.
How do I go about creating it?
Please help.
Thanks In advance
You won't be able to do this using HTML and CSS only (at least not in any sane way).
You will need a database of some sort (e.g. MySql, Microsoft Access etc) and you will need some sort of server-side scripting language such as PHP, .NET, Ruby etc.
I suggest picking a language and then finding some tutorials. Most tutorials will take you through using a database.
This is completely impossible using HTML and CSS only. You will have to use a server-side scripting language.
Hi
I'm looking for a tool (free/paid) like a program that help me in reviewing my website style and interface such as explain the content of the home page (footer, header ..... ) taking snapshots and write comment on them ... I know this can be done using (print screen) and the MS paint but I need a more professional tool to use .
thank you in advance
I'm not sure if I understand well, but conceptshare may be the tool you looking for.
There's a firefox extension called Screengrab that can capture an entire page. You could add annotations to that quite easily in a DTP tool.
I'm not sure about the type of review you're looking for.
If you want to have people using the website and giving you their feedback in terms of navigation, layout, design and content, you can use a www.usertesting.com services.
They'll enroll users to test out the website and them give you a URl to review a video/audio recording of each user test. It's a great way to validate your website.
Hope this is what you were looking for...
I want to make a page for a website that will let the user create a blog post, and want them to be able to graphically edit the formatting, like paragraphs and styles, then convert this to html. Is there a way to do it in PHP? Do I need to use Javascript or Ajax or something?
PHP (if you want dynamic behavior) with FCKeditor (on the client side) will do the job. Have a look at the demo. Another good editor is TinyMCE.