duancan7914 2014-03-08 12:57
浏览 8

在php / javascript中删除清洁剂

I have an assignment that is to plant security bug and I though of convert back a sanitized input to unsanitized input.

For example:

Convert 

<script>alert("document.cookie");</script>

back to 

<script>alert("document.cookie");</script>
  • 写回答

1条回答 默认 最新

  • dqc42632 2014-03-08 13:00
    关注

    You could use html_entity_decode() for this.

    Example:

    $code = '&lt;script&gt;alert(&quot;document.cookie&quot;);&lt;/script&gt;';
echo html_entity_decode($code);

    The above would print:

    <script>alert("document.cookie");</script>
    评论

报告相同问题?