Regex html Sanitisation can work
Note: This article was originally published at Planet PHP on 23 May 5280.
Dear Pádraic Brady,
I have not received any emails with any exploits. I am disappointed; I want my HTML regex sanitiser to be broken, please. Apparently you can find 2-5 vulnerabilities per solution, so please execute XSS in my regex. Thanks! I'll be very impressed if you do, and I promise to dedicate a blog post to you.
Please don't stop there, though; I have a JavaScript sandbox that you can bypass that uses regular expressions.
JavaScript Regex sandbox
Thanks very much
Kind Regards
Gareth


