Div Tag
#1
Hey. I need a bit of help. If there's user input on my website, then how do I make sure that a <div> or </div> tag doesn't ruin my website? I don't use JavaScript and I use PHP. It'd be very useful if you could give advice with ModSecurity WAF. Thanks and any help would be much appreciated.
Reply
#2
(05-27-2021, 12:17 AM)IngloRex Wrote: Hey. I need a bit of help. If there's user input on my website, then how do I make sure that a <div> or </div> tag doesn't ruin my website? I don't use JavaScript and I use PHP. It'd be very useful if you could give advice with ModSecurity WAF. Thanks and any help would be much appreciated.

What do you mean by ruin? A div is a container, like a box to put elements in. It doesn't do anything else.
Perhaps you mean it ruins the style of the page? You would be talking about CSS then.
Reply
#3
Use HTML entities to make sure raw HTML-input doesn't screw up the site.
Read more: https://happycoding.io/tutorials/java-se...user-input

So in other words: Sanitize your user inputs to make it safe and look good. Escape html characters. There's plenty of articles on this.
Reply
#4
Perhaps you are referring to security. In that case, as Insider said above, sanitize the inputs. HTML tags, but also potentially harmful characters like % (used to encode data automatically), / and \ (yes, escape the escape bars), =, *, etc. Anyway, anything that can be inferred from the data processing logic. And remember to do this cleanup on the server side, not the client.
Reply