Community Learn Tools Library Leisure

English

Home > Backend Development > PHP Tutorial > Markdown原始内容储存到数据库时怎样提高安全？

Markdown原始内容储存到数据库时怎样提高安全？

WBOY

Release： 2016-06-06 20:35:53

Original

1161 people have browsed it

是不是提前过滤一些不安全的内容之后再储存，读取到页面时正常渲染。
还是换一种方式储存原始没做处理的markdown格式，在页面上渲染的时候再过滤不安全的内容？

sf是怎样提高xss之类的威胁？有好用的提高markdown安全的类库吗？多谢。。。。

回复内容：

是不是提前过滤一些不安全的内容之后再储存，读取到页面时正常渲染。
还是换一种方式储存原始没做处理的markdown格式，在页面上渲染的时候再过滤不安全的内容？

sf是怎样提高xss之类的威胁？有好用的提高markdown安全的类库吗？多谢。。。。

用户撰写的 markdown 里的一些html标签会被转义成html实体字符

显示结果	描述	实体名称	实体编号
	空格
	小于号	<	<
>	大于号	>	>
&	和号	&	&
"	引号	"	"
'	撇号	' (IE不支持)	'
￠	分	¢	¢
£	镑	£	£
¥	日圆	¥	¥
€	欧元	€	€
§	小节	§	§
©	版权	©	©
®	注册商标	®	®
™	商标	™	™
×	乘号	×	×
÷	除号	÷	÷

我觉得是这样的，首先，你数据保持的时候是2份，第一份也就是现在用的body字段保持是转换后的HTML，第二个字段保存原始的md格式文件，如果要编辑还是编辑md字段，只要你保持我才重新生成html字段，这样我觉得挺好。也方便扩展

Related labels：

markdown php

source：php.cn

Previous article：在yii2中怎么配置前后台，使得在一个项目中同时可以登陆前后台 Next article：laravel的queue实现

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

function_exists() cannot determine the custom function Function test () {return true;} if (function_exists ('test')) {echo "test is function...

From 2024-04-29 11:01:01

0

3

2183

How to display the mobile version of Google Chrome Hello teacher, how can I change Google Chrome into a mobile version?

From 2024-04-23 00:22:19

0

11

2330

The child window operates the parent window, but the output does not respond. The first two sentences are executable, but the last sentence cannot be implemented.

From 2024-04-19 15:37:47

0

1

1960

There is no output in the parent window document.onclick = function(){ window.opener.document.write('I am the output of the child ...

From 2024-04-18 23:52:34

0

1

1845

Where is the courseware about CSS mind mapping? Courseware

From 2024-04-16 10:10:18

0

0

1896

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template