<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16587" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=新細明體 size=2><SPAN class=498514807-10012008>Instead of using the
big HTML parser like HTMLPurifier, I think we can use the samll library like
this one:</SPAN></FONT></DIV>
<DIV><FONT face=新細明體 size=2><SPAN
class=498514807-10012008></SPAN></FONT> </DIV>
<DIV><FONT face=新細明體 size=2><SPAN class=498514807-10012008><A
href="http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php">http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php</A></SPAN></FONT></DIV>
<DIV><FONT face=新細明體 size=2><SPAN
class=498514807-10012008></SPAN></FONT> </DIV>
<DIV><FONT face=新細明體 size=2><SPAN class=498514807-10012008>to remove the XSS
attack. It is better then just remove <script>xxx</script> only
...</SPAN></FONT></DIV>
<DIV><FONT face=新細明體 size=2><SPAN
class=498514807-10012008></SPAN></FONT> </DIV>
<DIV><FONT face=新細明體 size=2><SPAN class=498514807-10012008>So, we have another
alternative solution ~</SPAN></FONT></DIV>
<DIV><FONT face=新細明體 size=2><SPAN
class=498514807-10012008></SPAN></FONT> </DIV>
<DIV><FONT face=新細明體 size=2><SPAN
class=498514807-10012008>Mark</SPAN></FONT></DIV></BODY></HTML>