jlp09550 Posted August 16, 2007 Share Posted August 16, 2007 Hello, I've had a code for this before, but have lost it since. Anyways, I'm looking for a code/tutorial on preventing "cookie stealing" scripts from being launched from profiles and stuff. I want to enable HTML in the profile as just using normal coding doesn't allow full personalization. So, can anyone help me out and show me a code/tutorial on preventing such? Thanks, Jared Link to comment https://forums.phpfreaks.com/topic/65304-preventing-cookie-stealers/ Share on other sites More sharing options...
jlp09550 Posted August 17, 2007 Author Share Posted August 17, 2007 Anyone? Link to comment https://forums.phpfreaks.com/topic/65304-preventing-cookie-stealers/#findComment-326284 Share on other sites More sharing options...
Fadion Posted August 17, 2007 Share Posted August 17, 2007 Cookies are stealed by XSS and basically they can be prevented by cleaning up input using builtin functions like htmlentities(), strip_tags() or htmlspecialchars(). I guess your option is to turn off html and use special coding like BBCode. Link to comment https://forums.phpfreaks.com/topic/65304-preventing-cookie-stealers/#findComment-326358 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.