Archive for the ‘PerlIDS’ tag
Strip all HTML tags with Perl like PHP’s strip_tags() does
The Perl regular expression (regexp/regex) equivalent to PHP’s strip_tags() is:
while ($string =~ s/<\S[^<>]*(?:>|$)//gs) {};
Please note that it also denotes an opening “<” (followed by a non-whitespace character) as a tag and strips all characters behind, even it is not closed by a “>”. This is the same behavior as PHP’s strip_tags().
Update: This regexp is only satisfying my test against PHP 4.x, but 5.x is pretty smarter when it comes to edge cases. It will be a challenge to build a Perl equivalent as all the different approaches in CPAN also fail the test.
PerlIDS-Artikel im deutschen Perl-Magazin $foo erschienen
Mein vierseitiger Artikel zum Perl-CPAN-Modul CGI::IDS ist in der aktuellen Ausgabe 1/2009 des deutschen Perl-Magazins $foo erschienen.
Ich gebe darin einen Überblick über die Funktion und den Einsatz von PerlIDS zur frühzeitigen Erkennung von CrossSite-Scripting, SQL-Injections und ähnlichen Angriffen auf Webapplikationen.
I just published a four pages long article in the German Perl magazine $foo about my Perl CPAN module CGI::IDS, a Website Intrusion Detection System.
OpenSource Perl Website Intrusion Detection System PerlIDS (CGI::IDS) released
Today, we at epublica have officially released my work of the last months – a Perl port of PHPIDS, a tool for detection of Cross-Site-Scripting (XSS), Cross-Site-Request-Forgery (CSRF), SQL-Injections (SQLI), Local-File-Inclusions (LFI) etc. in website requests.
The tool is released as CGI::IDS Perl module ‘PerlIDS’ on CPAN.org under the OpenSource ‘Lesser GNU Public License’ (LGPL).
