I've used the htmlawed PHP filter for XSS checks; it allows mixed white- and black-list approaches.
See bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php and bioinformatics.org/phplabware/internal_utilities/htmLawed/rsnake/RSnakeXSSTest.htm
I've used the htmlawed PHP filter for XSS checks; it allows mixed white- and black-list approaches.
See bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php and bioinformatics.org/phplabware/internal_utilities/htmLawed/rsnake/RSnakeXSSTest.htm