On Fri, 2006-10-06 at 18:48 +0200, Hendrik Van Belleghem wrote: > "mock" talked about XSS at this years YAPC::Europe in Birmingham a few > weeks ago. He had quite a few examples. His slides are at > http://sketchfactory.com/static/mvc.pdf (More Vulnerable Code). > It goes without saying that it would be a bit unwise to test the URLs > mentioned in the talk.
He briefly mentions HTML::Scrubber in there. I am using HTML::Stripscripts::Parser, which also makes sure that tags are nested properly. Anybody have any view on these (or other) modules? Clint