>Using jQuery you can strip all the script tags like this:
>
>
> < script src="scripts/jquery.min.js"></script>
>
> < script type="text/javascript">
> $().ready( function() {
> var html = document.body.innerHTML;
> $html = $(html);
> $html.remove("script");
> alert($html[0].outerHTML);
> });
> </ script>
>
>
>If you use regex approaches be aware that code like Thierry's doesn't capture things like extra leading spaces on tags.
>
>Also be aware that there are many more attack vectors than script tags - javascript inside of HREF links, object tags form tags that can point at script etc.
>
>For some rudimentary discussion of what's involved at minimum take a look at this post where I tackle server side cleanup of HTML using HtmlAgilityPack.
>
http://www.west-wind.com/weblog/posts/2012/Jul/19/NET-HTML-Sanitation-for-rich-HTML-InputThanks, this is a very interesting reply.