html filtering

[Erno Kuusela]

>>>>> "QdlatY" == QdlatY  <qdlaty at wielun.dhs.org> writes:

| Hello!  Big problem in writeing message boards is filtering html
| tags. I use very simple method: Each occurence of "<" sign or ">"
| sign I replace with < and >. Is this safe method?

no. there have been bugs in some browsers making them interpret
'<' and '>' with the 8th bit set as those characters also.
there may be others. this was a popular topic on bugtraq at one
point, i suggest you check the archives.

| Maybe You've got better ideas?

no, but good luck :)

  -- erno