怎么过滤html标签

html-css011

怎么过滤html标签,第1张

过滤html标签代码如下:

public string checkStr(string html)

{

System.Text.RegularExpressions.Regex regex1 = new System.Text.RegularExpressions.Regex(@"<script[\s\S]+</script *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex2 = new System.Text.RegularExpressions.Regex(@" href *= *[\s\S]*script *:", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex3 = new System.Text.RegularExpressions.Regex(@" on[\s\S]*=", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex4 = new System.Text.RegularExpressions.Regex(@"<iframe[\s\S]+</iframe *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex5 = new System.Text.RegularExpressions.Regex(@"<frameset[\s\S]+</frameset *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex6 = new System.Text.RegularExpressions.Regex(@"\<img[^\>]+\>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex7 = new System.Text.RegularExpressions.Regex(@"</p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex8 = new System.Text.RegularExpressions.Regex(@"<p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

System.Text.RegularExpressions.Regex regex9 = new System.Text.RegularExpressions.Regex(@"<[^>]*>", System.Text.RegularExpressions.RegexOptions.IgnoreCase)

html = regex1.Replace(html, "")//过滤<script></script>标记

html = regex2.Replace(html, "")//过滤href=javascript: (<A>) 属性

html = regex3.Replace(html, " _disibledevent=")//过滤其它控件的on...事件

html = regex4.Replace(html, "")//过滤iframe

html = regex5.Replace(html, "")//过滤frameset

html = regex6.Replace(html, "")//过滤frameset

html = regex7.Replace(html, "")//过滤frameset

html = regex8.Replace(html, "")//过滤frameset

html = regex9.Replace(html, "")

html = html.Replace(" ", "")

html = html.Replace("</strong>", "")

html = html.Replace("<strong>", "")

return html

}

1、过滤所有html标签的属性的正则表达式:

$search = array ("'<script[^>]*?>.*?</script>'si", // 去掉 JavaScript

"'<[\/\!]*?[^<>]*?>'si", // 去掉 HTML 标记

"'([\r\n])[\s]+'",// 去掉空白字符

"'&(quot|#34)'i",// 替换 HTML 实体

"'&(amp|#38)'i",

"'&(lt|#60)'i",

"'&(gt|#62)'i",

"'&(nbsp|#160)'i"

) // 作为 PHP 代码运行

$replace = array ("","","\\1","\"","&","<",">"," ")

$html = preg_replace($search, $replace, $html)

import java.util.regex.Matcher

import java.util.regex.Pattern

/**

* <p>

* Title: HTML相关的正则表达式工具类

* </p>

* <p>

* Description: 包括过滤HTML标记,转换HTML标记,替换特定HTML标记

* </p>

* <p>

* Copyright: Copyright (c) 2006

* </p>

*

* @author hejian

* @version 1.0

* @createtime 2006-10-16

*/

public class HtmlRegexpUtil {

private final static String regxpForHtml = "<([^>]*)>"// 过滤所有以<开头以>结尾的标签

private final static String regxpForImgTag = "<\\s*img\\s+([^>]*)\\s*>"// 找出IMG标签

private final static String regxpForImaTagSrcAttrib = "src=\"([^\"]+)\""// 找出IMG标签的SRC属性

/**

*

*/

public HtmlRegexpUtil() {

// TODO Auto-generated constructor stub

}

/**

*

* 基本功能:替换标记以正常显示

* <p>

*

* @param input

* @return String

*/

public String replaceTag(String input) {

if (!hasSpecialChars(input)) {

return input

}

StringBuffer filtered = new StringBuffer(input.length())

char c

for (int i = 0i <= input.length() - 1i++) {

c = input.charAt(i)

switch (c) {

case '<':

filtered.append("<")

break

case '>':

filtered.append(">")

break

case '"':

filtered.append(""")

break

case '&':

filtered.append("&")

break

default:

filtered.append(c)

}

}

return (filtered.toString())

}

/**

*

* 基本功能:判断标记是否存在

* <p>

*

* @param input

* @return boolean

*/

public boolean hasSpecialChars(String input) {

boolean flag = false

if ((input != null) &&(input.length() >0)) {

char c

for (int i = 0i <= input.length() - 1i++) {

c = input.charAt(i)

switch (c) {

case '>':

flag = true

break

case '<':

flag = true

break

case '"':

flag = true

break

case '&':

flag = true

break

}

}

}

return flag

}

/**

*

* 基本功能:过滤所有以"<"开头以">"结尾的标签

* <p>

*

* @param str

* @return String

*/

public static String filterHtml(String str) {

Pattern pattern = Pattern.compile(regxpForHtml)

Matcher matcher = pattern.matcher(str)

StringBuffer sb = new StringBuffer()

boolean result1 = matcher.find()

while (result1) {

matcher.appendReplacement(sb, "")

result1 = matcher.find()

}

matcher.appendTail(sb)

return sb.toString()

}

/**

*

* 基本功能:过滤指定标签

* <p>

*

* @param str

* @param tag

*指定标签

* @return String

*/

public static String fiterHtmlTag(String str, String tag) {

String regxp = "<\\s*" + tag + "\\s+([^>]*)\\s*>"

Pattern pattern = Pattern.compile(regxp)

Matcher matcher = pattern.matcher(str)

StringBuffer sb = new StringBuffer()

boolean result1 = matcher.find()

while (result1) {

matcher.appendReplacement(sb, "")

result1 = matcher.find()

}

matcher.appendTail(sb)

return sb.toString()

}

/**

*

* 基本功能:替换指定的标签

* <p>

*

* @param str

* @param beforeTag

*要替换的标签

* @param tagAttrib

*要替换的标签属性值

* @param startTag

*新标签开始标记

* @param endTag

*新标签结束标记

* @return String

* @如:替换img标签的src属性值为[img]属性值[/img]

*/

public static String replaceHtmlTag(String str, String beforeTag,

String tagAttrib, String startTag, String endTag) {

String regxpForTag = "<\\s*" + beforeTag + "\\s+([^>]*)\\s*>"

String regxpForTagAttrib = tagAttrib + "=\"([^\"]+)\""

Pattern patternForTag = Pattern.compile(regxpForTag)

Pattern patternForAttrib = Pattern.compile(regxpForTagAttrib)

Matcher matcherForTag = patternForTag.matcher(str)

StringBuffer sb = new StringBuffer()

boolean result = matcherForTag.find()

while (result) {

StringBuffer sbreplace = new StringBuffer()

Matcher matcherForAttrib = patternForAttrib.matcher(matcherForTag

.group(1))

if (matcherForAttrib.find()) {

matcherForAttrib.appendReplacement(sbreplace, startTag

+ matcherForAttrib.group(1) + endTag)

}

matcherForTag.appendReplacement(sb, sbreplace.toString())

result = matcherForTag.find()

}

matcherForTag.appendTail(sb)

return sb.toString()

}

}