PhpRiot
News Archive
PhpRiot Newsletter
Your Email Address:

More information

Regex html Sanitisation can work

Note: This article was originally published at Planet PHP on 16 April 5280.
Planet PHP

Dear PAdraic Brady,

I have not received any emails with any exploits, I am disappointed I want my html regex sanitiser to be broken please. Apparently you can find 2-5 vulnerabilities per solution so please execute XSS in my regex. Thanks! I'll be very impressed if you do and I will promise to dedicate a blog post to you.

html Regex sandbox

Please don't stop there though I have a JavaScript sandbox that you can bypass that uses regular expressions.
JavaScript Regex sandbox

Thanks very much

Kind Regards
Gareth