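/// <summary>
/// Reduces an HTML fragment to text: script, iframe and frameset blocks are deleted together
/// with their content, then every remaining tag is removed.
/// </summary>
/// <param name="html">Markup to strip; null or empty input is returned unchanged.</param>
/// <returns>The input with the matched markup removed.</returns>
/// <remarks>
/// This is a pattern-based filter, not an HTML parser. The final tag pattern only matches a
/// '&lt;' that is later closed by '&gt;', so the result is not guaranteed to be free of markup
/// characters. Treat the return value as untrusted text and HTML-encode it (for example with
/// System.Net.WebUtility.HtmlEncode) at the point where it is written into a page.
/// </remarks>
public string checkStr(string html)
{
    if (string.IsNullOrEmpty(html))
    {
        return html;
    }

    const System.Text.RegularExpressions.RegexOptions Options =
        System.Text.RegularExpressions.RegexOptions.IgnoreCase;

    // The block patterns are lazy ("+?" / "*?") so that each match ends at the nearest closing
    // token. The greedy form ran from the first opening token to the last closing one in the
    // whole input and deleted all legitimate text in between.

    // Remove <script>...</script> blocks, content included.
    html = System.Text.RegularExpressions.Regex.Replace(html, @"<script[\s\S]+?</script *>", "", Options);
    // Remove href values that use a "...script:" scheme (anchor tags).
    html = System.Text.RegularExpressions.Regex.Replace(html, @" href *= *[\s\S]*?script *:", "", Options);
    // Neutralise on... event-handler attributes by renaming them.
    html = System.Text.RegularExpressions.Regex.Replace(html, @" on[\s\S]*?=", " _disibledevent=", Options);
    // Remove <iframe>...</iframe> blocks.
    html = System.Text.RegularExpressions.Regex.Replace(html, @"<iframe[\s\S]+?</iframe *>", "", Options);
    // Remove <frameset>...</frameset> blocks.
    html = System.Text.RegularExpressions.Regex.Replace(html, @"<frameset[\s\S]+?</frameset *>", "", Options);
    // Remove <img ...> tags.
    html = System.Text.RegularExpressions.Regex.Replace(html, @"\<img[^\>]+\>", "", Options);
    // Remove paragraph tags (closing, then opening).
    html = System.Text.RegularExpressions.Regex.Replace(html, @"</p>", "", Options);
    html = System.Text.RegularExpressions.Regex.Replace(html, @"<p>", "", Options);
    // Remove every remaining <...> tag.
    html = System.Text.RegularExpressions.Regex.Replace(html, @"<[^>]*>", "", Options);

    // NOTE(review): as written this deletes every space character. The literal may have been
    // the "&nbsp;" entity before the page was rendered - confirm against the original source.
    html = html.Replace(" ", "");
    // These two calls cannot match once the generic tag pattern above has run; kept as in the original.
    html = html.Replace("</strong>", "");
    html = html.Replace("<strong>", "");
    return html;
}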
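// 1. Regular expressions that strip all HTML tags together with their attributes.
//    (Run as PHP code.)
//
// The result is plain text in which entities have been decoded, so it can contain
// literal '<', '>' and '&' again. Escape it with htmlspecialchars() whenever it is
// written back into an HTML page; the stripping alone does not make it safe to render.
$search = array(
    "'<script[^>]*?>.*?</script>'si", // remove JavaScript blocks, content included
    "'<[\/\!]*?[^<>]*?>'si",          // remove every remaining HTML tag
    "'([\r\n])[\s]+'",                // collapse whitespace that follows a line break
    "'&(quot|#34);'i",                // decode HTML entities (patterns end with ';')
    "'&(lt|#60);'i",
    "'&(gt|#62);'i",
    "'&(nbsp|#160);'i",
    "'&(amp|#38);'i"                  // decoded last so "&amp;lt;" ends as "&lt;", not "<"
);
// Replacements, in the same order as the patterns above.
$replace = array("", "", "\\1", "\"", "<", ">", " ", "&");
$html = preg_replace($search, $replace, $html);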
import java.util.regex.Matcher;
import java.util.regex.Pattern;
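/**
 * <p>
 * Title: regular-expression helpers for HTML
 * </p>
 * <p>
 * Description: escapes HTML markup characters, strips HTML tags, and rewrites one specific
 * tag into another notation.
 * </p>
 * <p>
 * The stripping methods are pattern based and do not parse HTML. A '&lt;' that is never
 * closed by '&gt;' is left in the text, so their output must still be escaped (see
 * {@link #replaceTag(String)}) before it is written into an HTML page.
 * </p>
 * <p>
 * Copyright: Copyright (c) 2006
 * </p>
 *
 * @author hejian
 * @version 1.0
 * @createtime 2006-10-16
 */
public class HtmlRegexpUtil {
    /** Matches anything that starts with '<' and ends at the next '>'. */
    private static final String regxpForHtml = "<([^>]*)>";
    /** Matches an IMG tag that carries attributes. */
    private static final String regxpForImgTag = "<\\s*img\\s+([^>]*)\\s*>";
    /** Matches the SRC attribute of an IMG tag. */
    private static final String regxpForImaTagSrcAttrib = "src=\"([^\"]+)\"";
    /** Compiled once; {@link #filterHtml(String)} is the only user. */
    private static final Pattern HTML_TAG = Pattern.compile(regxpForHtml);

    /**
     * Creates a helper instance; only the non-static escaping methods need one.
     */
    public HtmlRegexpUtil() {
    }

    /**
     * Escapes HTML markup characters so the text is displayed literally instead of being
     * interpreted as markup: '&lt;', '&gt;', '&quot;' and '&amp;' are replaced by their
     * named entities.
     * <p>
     * The single quote is not escaped, so the result is only suitable for element content
     * and for attribute values delimited by double quotes.
     *
     * @param input text to escape; may be null
     * @return the escaped text, or {@code input} itself when it is null, empty or contains
     *         none of the four characters
     */
    public String replaceTag(String input) {
        if (!hasSpecialChars(input)) {
            return input;
        }
        StringBuilder filtered = new StringBuilder(input.length());
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
            case '<':
                filtered.append("&lt;");
                break;
            case '>':
                filtered.append("&gt;");
                break;
            case '"':
                filtered.append("&quot;");
                break;
            case '&':
                filtered.append("&amp;");
                break;
            default:
                filtered.append(c);
            }
        }
        return filtered.toString();
    }

    /**
     * Tells whether the text contains a character that {@link #replaceTag(String)} escapes.
     *
     * @param input text to inspect; may be null
     * @return true when {@code input} contains '&lt;', '&gt;', '&quot;' or '&amp;'
     */
    public boolean hasSpecialChars(String input) {
        if (input == null) {
            return false;
        }
        for (int i = 0; i < input.length(); i++) {
            switch (input.charAt(i)) {
            case '>':
            case '<':
            case '"':
            case '&':
                return true;
            default:
                break;
            }
        }
        return false;
    }

    /**
     * Removes every span that starts with '&lt;' and ends at the next '&gt;'.
     * <p>
     * Only the tags are removed; text between an opening and a closing tag (script source,
     * for example) stays in the result, and a '&lt;' without a later '&gt;' is not matched.
     *
     * @param str text to strip; null is returned unchanged
     * @return the text without the matched spans
     */
    public static String filterHtml(String str) {
        if (str == null) {
            return null;
        }
        return HTML_TAG.matcher(str).replaceAll("");
    }

    /**
     * Removes every opening tag with the given name that carries at least one attribute.
     * <p>
     * Matching is case-sensitive, and neither attribute-less tags nor closing tags match
     * the pattern.
     *
     * @param str text to strip; null is returned unchanged
     * @param tag tag name, matched literally; must not be null
     * @return the text without the matched tags
     */
    public static String fiterHtmlTag(String str, String tag) {
        if (str == null) {
            return null;
        }
        return openingTagPattern(tag).matcher(str).replaceAll("");
    }

    /**
     * Replaces each opening {@code beforeTag} tag by {@code startTag + value + endTag}, where
     * {@code value} is the double-quoted value of {@code tagAttrib} inside that tag. For
     * example, an img tag can be rewritten to {@code [img]src-value[/img]}. A matching tag
     * that lacks the attribute is removed.
     * <p>
     * The attribute value is copied into the result unchanged; it is neither validated nor
     * escaped here, so callers that render the result as HTML still have to do both.
     *
     * @param str text to rewrite; null is returned unchanged
     * @param beforeTag name of the tag to replace, matched literally
     * @param tagAttrib name of the attribute whose value is kept, matched literally
     * @param startTag literal text placed before the attribute value
     * @param endTag literal text placed after the attribute value
     * @return the rewritten text
     */
    public static String replaceHtmlTag(String str, String beforeTag,
            String tagAttrib, String startTag, String endTag) {
        if (str == null) {
            return null;
        }
        Pattern patternForAttrib = Pattern.compile(Pattern.quote(tagAttrib) + "=\"([^\"]+)\"");
        Matcher matcherForTag = openingTagPattern(beforeTag).matcher(str);
        StringBuffer sb = new StringBuffer();
        while (matcherForTag.find()) {
            Matcher matcherForAttrib = patternForAttrib.matcher(matcherForTag.group(1));
            // Only the wanted attribute's value is kept; the tag's other attributes are
            // dropped instead of being copied into the output as text.
            String replacement = "";
            if (matcherForAttrib.find()) {
                replacement = startTag + matcherForAttrib.group(1) + endTag;
            }
            // quoteReplacement: '$' and '\' in the value or the markers are data, not
            // group references.
            matcherForTag.appendReplacement(sb, Matcher.quoteReplacement(replacement));
        }
        matcherForTag.appendTail(sb);
        return sb.toString();
    }

    /**
     * Builds the pattern for an opening tag with attributes; group 1 is the attribute text.
     * The name is quoted so that regex metacharacters in it cannot alter the expression.
     */
    private static Pattern openingTagPattern(String tag) {
        return Pattern.compile("<\\s*" + Pattern.quote(tag) + "\\s+([^>]*)\\s*>");
    }
}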