Solved

Regex to modify the HTML being submitted

Posted on 2014-04-29
3
150 Views
Last Modified: 2015-02-27
Just recently working on one of the websites i have, found one issue:

People were submitting complete iframe tag or complete embed tag inside the table column including the url to run the video..

How can i remove the html around it or santitize it to just keep the url inside intact and add that inside the table column and ignore other html elements

like an example here

<iframe width="420" height="345"
src="http://www.youtube.com/embed/XGSy3_Czz8k">
</iframe>

<embed
width="420" height="345"
src="http://www.youtube.com/v/XGSy3_Czz8k"
type="application/x-shockwave-flash">
</embed>

Open in new window


in the above cases, just remove the html tags and keep the src to insert into the table column,

well it is not happening everytime, couple of users doing this, so also wanna have check if that in form entry, the iframe or embed source is found, then continue..

regards
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 500 total points
ID: 40033071
alert('<iframe width="420" height="345" src="http://www.youtube.com/embed/XGSy3_Czz8k"></iframe>'.match(/src="(.+?)"/)[1]);

So var src = tag.match(/src="(.+?)"/)[1];
0
 
LVL 16

Author Comment

by:Gurpreet Singh Randhawa
ID: 40033087
@mplungjan - I have to test it, if this works in coldfusion serverside, i will post the results
0
 
LVL 16

Author Closing Comment

by:Gurpreet Singh Randhawa
ID: 40634923
solved with minor modifications, thx
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PROBLEM:  How to open a cfwindow or run a function on double click of a cfgrid row. One of my clients wanted to be able to double click on a row item to get more detailed information about a transaction and to be able to modify the line items i…
This is an updated version of a post made on my blog over 3 years ago. It is unfortunately, still very relevant as we continue to see both SQLi (SQL injection) and XSS (cross site scripting) attacks hitting some of the most recognizable website and …
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question