代码如下:
// 安全过滤
function safe_html($html){
$elements = [
'html' => [],
'body' => [],
'a' => ['target', 'href', 'title', 'class', 'style'],
'abbr' => ['title', 'class', 'style'],
'address' => ['class', 'style'],
'area' => ['shape', 'coords', 'href', 'alt'],
'article' => [],
'aside' => [],
'audio' => ['autoplay', 'controls', 'loop', 'preload', 'src', 'class', 'style'],
'b' => ['class', 'style'],
'bdi' => ['dir'],
'bdo' => ['dir'],
'big' => [],
'blockquote'=> ['cite', 'class', 'style'],
'br' => [],
'caption' => ['class', 'style'],
'center' => [],
'cite' => [],
'code' => ['class', 'style'],
'col' => ['align', 'valign', 'span', 'width', 'class', 'style'],
'colgroup' => ['align', 'valign', 'span', 'width', 'class', 'style'],
'dd' => ['class', 'style'],
'del' => ['datetime'],
'details' => ['open'],
'div' => ['class', 'style'],
'dl' => ['class', 'style'],
'dt' => ['class', 'style'],
'em' => ['class', 'style'],
'font' => ['color', 'size', 'face'],
'footer' => [],
'h1' => ['class', 'style'],
'h2' => ['class', 'style'],
'h3' => ['class', 'style'],
'h4' => ['class', 'style'],
'h5' => ['class', 'style'],
'h6' => ['class', 'style'],
'header' => [],
'hr' => [],
'i' => ['class', 'style'],
'img' => ['src', 'alt', 'title', 'width', 'height', 'id', 'class'],
'ins' => ['datetime'],
'li' => ['class', 'style'],
'mark' => [],
'nav' => [],
'ol' => ['class', 'style'],
'p' => ['class', 'style'],
'pre' => ['class', 'style'],
's' => [],
'section' => [],
'small' => [],
'span' => ['class', 'style'],
'sub' => ['class', 'style'],
'sup' => ['class', 'style'],
'strong' => ['class', 'style'],
'table' => ['width', 'border', 'align', 'valign', 'class', 'style'],
'tbody' => ['align', 'valign', 'class', 'style'],
'td' => ['width', 'rowspan', 'colspan', 'align', 'valign', 'class', 'style'],
'tfoot' => ['align', 'valign', 'class', 'style'],
'th' => ['width', 'rowspan', 'colspan', 'align', 'valign', 'class', 'style'],
'thead' => ['align', 'valign', 'class', 'style'],
'tr' => ['rowspan', 'align', 'valign', 'class', 'style'],
'tt' => [],
'u' => [],
'ul' => ['class', 'style'],
'video' => ['autoplay', 'controls', 'loop', 'preload', 'src', 'height', 'width', 'class', 'style'],
'embed' => ['src', 'height','align', 'width', 'class', 'style','type','pluginspage','wmode','play','loop','menu','allowscriptaccess','allowfullscreen'],
'source' => ['src', 'type']
];
$html = strip_tags($html,'<'.implode('><', array_keys($elements)).'>');
$xml = new \DOMDocument();
libxml_use_internal_errors(true);
if (!strlen($html)){
return '';
}
if ($xml->loadHTML('<meta http-equiv="Content-Type" content="text/html; charset=utf-8">' . $html)){
foreach ($xml->getElementsByTagName("*") as $element){
if (!isset($elements[$element->tagName])){
$element->parentNode->removeChild($element);
}else{
for ($k = $element->attributes->length - 1; $k >= 0; --$k) {
if (!in_array($element->attributes->item($k) -> nodeName, $elements[$element->tagName])){
$element->removeAttributeNode($element->attributes->item($k));
}elseif (in_array($element->attributes->item($k) -> nodeName, ['href','src','style','background','size'])) {
$_keywords = ['javascript:','javascript.:','vbscript:','vbscript.:',':expression'];
$find = false;
foreach ($_keywords as $a => $b) {
if (false !== strpos(strtolower($element->attributes->item($k)->nodeValue),$b)) {
$find = true;
}
}
if ($find) {
$element->removeAttributeNode($element->attributes->item($k));
}
}
}
}
}
}
$html = substr($xml->saveHTML($xml->documentElement), 12, -14);
$html = strip_tags($html,'<'.implode('><', array_keys($elements)).'>');
return $html;
}当然 还有一种漏洞就是url权限操作链接,可能引起版主误操作。
