Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Grabbing everything but the script
Message
From
15/05/2013 18:36:27
Michel Fournier
Level Extreme Inc.
Petit-Rocher, New Brunswick, Canada
 
General information
Forum:
Javascript
Category:
DHTML
Title:
Re: Grabbing everything but the script
Miscellaneous
Thread ID:
01572384
Message ID:
01574020
Views:
49
>Using jQuery you can strip all the script tags like this:
>
>
>        < script src="scripts/jquery.min.js"></script>
>
>        < script type="text/javascript">
>	    $().ready( function() {
>	        var html = document.body.innerHTML;	    
>	        $html = $(html);
>	        $html.remove("script");        
>	        alert($html[0].outerHTML);
>	    });
>        </ script>
>
>
>If you use regex approaches be aware that code like Thierry's doesn't capture things like extra leading spaces on tags.
>
>Also be aware that there are many more attack vectors than script tags - javascript inside of HREF links, object tags form tags that can point at script etc.
>
>For some rudimentary discussion of what's involved at minimum take a look at this post where I tackle server side cleanup of HTML using HtmlAgilityPack.
>http://www.west-wind.com/weblog/posts/2012/Jul/19/NET-HTML-Sanitation-for-rich-HTML-Input

Thanks, this is a very interesting reply.
Michel Fournier
Level Extreme Inc.
Designer, architect, owner of the Level Extreme Platform
Subscribe to the site at https://www.levelextreme.com/Home/DataEntry?Activator=55&NoStore=303
Subscription benefits https://www.levelextreme.com/Home/ViewPage?Activator=7&ID=52
Previous
Reply
Map
View

Click here to load this message in the networking platform