PHP过滤XSS攻击的函数

创建时间：2016-02-16 投稿人：浏览次数：1855

XSS又叫CSS (Cross Site Script) ，跨站脚本攻击。它指的是恶意攻击者往Web页面里插入恶意html代码，当用户浏览该页之时，嵌入其中Web里面的html代码会被执行，进而达到某些人的攻击目的。

<?php  
function RemoveXSS($val) {  
   // remove all non-printable characters. CR(0a) and LF(0b) and TAB(9) are allowed  
   // this prevents some character re-spacing such as <javascript>  
   // note that you have to handle splits with 
, 
, and 	 later since they *are* allowed in some inputs  
   $val = preg_replace("/([x00-x08,x0b-x0c,x0e-x19])/", "", $val);  

   // straight replacements, the user should never need these since they"re normal characters  
   // this prevents like <IMG SRC=@avascript:alert("XSS")>  
   $search = "abcdefghijklmnopqrstuvwxyz"; 
   $search .= "ABCDEFGHIJKLMNOPQRSTUVWXYZ";  
   $search .= "1234567890!@#$%^&*()"; 
   $search .= "~`";:?+/={}[]-_|"\"; 
   for ($i = 0; $i < strlen($search); $i++) { 
      // ;? matches the ;, which is optional 
      // 0{0,7} matches any padded zeros, which are optional and go up to 8 chars 

      // @ @ search for the hex values 
      $val = preg_replace("/(&#[xX]0{0,8}".dechex(ord($search[$i])).";?)/i", $search[$i], $val); // with a ; 
      // @ @ 0{0,7} matches "0" zero to seven times  
      $val = preg_replace("/(&#0{0,8}".ord($search[$i]).";?)/", $search[$i], $val); // with a ; 
   } 

   // now the only remaining whitespace attacks are 	, 
, and 
 
   $ra1 = Array("javascript", "vbscript", "expression", "applet", "meta", "xml", "blink", "link", "style", "script", "embed", "object", "iframe", "frame", "frameset", "ilayer", "layer", "bgsound", "title", "base"); 
   $ra2 = Array("onabort", "onactivate", "onafterprint", "onafterupdate", "onbeforeactivate", "onbeforecopy", "onbeforecut", "onbeforedeactivate", "onbeforeeditfocus", "onbeforepaste", "onbeforeprint", "onbeforeunload", "onbeforeupdate", "onblur", "onbounce", "oncellchange", "onchange", "onclick", "oncontextmenu", "oncontrolselect", "oncopy", "oncut", "ondataavailable", "ondatasetchanged", "ondatasetcomplete", "ondblclick", "ondeactivate", "ondrag", "ondragend", "ondragenter", "ondragleave", "ondragover", "ondragstart", "ondrop", "onerror", "onerrorupdate", "onfilterchange", "onfinish", "onfocus", "onfocusin", "onfocusout", "onhelp", "onkeydown", "onkeypress", "onkeyup", "onlayoutcomplete", "onload", "onlosecapture", "onmousedown", "onmouseenter", "onmouseleave", "onmousemove", "onmouseout", "onmouseover", "onmouseup", "onmousewheel", "onmove", "onmoveend", "onmovestart", "onpaste", "onpropertychange", "onreadystatechange", "onreset", "onresize", "onresizeend", "onresizestart", "onrowenter", "onrowexit", "onrowsdelete", "onrowsinserted", "onscroll", "onselect", "onselectionchange", "onselectstart", "onstart", "onstop", "onsubmit", "onunload"); 
   $ra = array_merge($ra1, $ra2); 

   $found = true; // keep replacing as long as the previous round replaced something 
   while ($found == true) { 
      $val_before = $val; 
      for ($i = 0; $i < sizeof($ra); $i++) { 
         $pattern = "/"; 
         for ($j = 0; $j < strlen($ra[$i]); $j++) { 
            if ($j > 0) { 
               $pattern .= "(";  
               $pattern .= "(&#[xX]0{0,8}([9ab]);)"; 
               $pattern .= "|";  
               $pattern .= "|(&#0{0,8}([9|10|13]);)"; 
               $pattern .= ")*"; 
            } 
            $pattern .= $ra[$i][$j]; 
         } 
         $pattern .= "/i";  
         $replacement = substr($ra[$i], 0, 2)."<x>".substr($ra[$i], 2); // add in <> to nerf the tag  
         $val = preg_replace($pattern, $replacement, $val); // filter out the hex tags  
         if ($val_before == $val) {  
            // no replacements were made, so exit the loop  
            $found = false;  
         }  
      }  
   }  
   return $val;  
}

声明：该文观点仅代表作者本人，入门客AI创业平台信息发布平台仅提供信息存储空间服务，如有疑问请联系rumenke@qq.com。

热门文章: PHP过滤XSS攻击的函数; PHP字符串全排列; PHP函数中isset和array_key_exists...; Nginx+Php-fpm运行原理详解; PHP超时处理总结; Restful API 原理以及实现; PHP合并两个有序数组; PHP从文件中读取字符串问题...; PHP函数遍历一个文件夹下的...; php约瑟夫环

最新文章: PHP7扩展开发之类型处理; PHP7扩展开发之配置项; PHP7扩展开发之依赖其他扩...; PHP7扩展开发之创建变量; PHP7扩展开发之类的创建; PHP字节单位转换; memcached的最佳实践方案; 使用XHProf查找PHP性能瓶颈 ...; PHP OpenSSL&Mcrypt实现AES加...; Nginx 502错误原因和解决方法...