I have an XML file that I need to make sure it is valid before I parse it.
I think the simplest way is to run the entire contents of the xml file though preg_replace() to delete all characters except these:
#x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
Nothing in an HTTP request can be trusted, including HTTP headers and form data. A form token is a tool that can be used to guard against request forgeries (CSRF). This article shows an improved approach to form tokens, making it more difficult to…