html filtering

Erno Kuusela erno-news at erno.iki.fi
Mon Dec 25 05:59:43 CET 2000


>>>>> "QdlatY" == QdlatY  <qdlaty at wielun.dhs.org> writes:

| Hello!  Big problem in writeing message boards is filtering html
| tags. I use very simple method: Each occurence of "<" sign or ">"
| sign I replace with < and >. Is this safe method?

no. there have been bugs in some browsers making them interpret
'<' and '>' with the 8th bit set as those characters also.
there may be others. this was a popular topic on bugtraq at one
point, i suggest you check the archives.

| Maybe You've got better ideas?

no, but good luck :)

  -- erno




More information about the Python-list mailing list