-
kses 0.2.2 out now
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks. It is used by popular programs such as WordPress and Geeklog.
The 0.2.2 release adds a second object-oriented kses version for PHP 5, the use of isset() avoids PHP notice warnings, the chr(173) handling is changed to help Asian users, and the handling of closing HTML elements is improved.
2005-02-07 03:03:12 UTC by metaur
-
kses 0.2.1 out now
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks.
The 0.2.1 release adds a new object-oriented version of kses, three new attribute value checks (minlen, minval and valueless), a work-around for an Opera "feature" that treats chr(173) as whitespace, and some other minor changes.
2003-09-29 08:05:28 UTC by metaur
-
kses 0.2.0 out now
kses is an HTML/XHTML filter written in PHP. It removes all unwanted HTML elements and attributes, and it also does several checks on attribute values. kses can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks.
Version 0.2.0 is out now. It supports attribute value checks (maxlen and maxval), white listing of allowed URL protocols, XHTML, removal of Netscape 4's JavaScript entities and it also has some bug fixes.
2003-07-25 11:42:14 UTC by metaur
-
kses 0.1.0 out now
kses is an HTML filter written in PHP. It filters all HTML elements and attributes that are not allowed - no matter how strange or tricky the HTML code is. This is helpful to stop XSS (Cross-site Scripting) security holes, among other things.
Version 0.1.0 of the program is out now. It's the first public release.
2003-06-09 14:16:07 UTC by metaur
