cinkagan · January 11, 2021 23:41
diff --git a/XSS.php b/XSS.php
 <?php

 namespace App\Http\Middleware;

 use Illuminate\Support\Facades\Redirect;
 use Closure;

 class XSS
 {
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $url = str_replace($request->url(), "", $request->fullUrl());
        $input = $request->all();

        array_walk_recursive($input, function (&$input) {
            $input = strip_tags($input);
        });

        if (preg_match('/[\'^£$%&*()}{@#~><>|_+¬-]/', $url))
            return redirect($request->url() . "/" . preg_replace('/[\'^£$%&*()}{@#~><>|_+¬-]/',"",strip_tags($url)));

        $request->merge($input);
        return $next($request);
    }
 }
	<?php

	namespace App\Http\Middleware;

	use Illuminate\Support\Facades\Redirect;
	use Closure;

	class XSS
	{
	/**
	* Handle an incoming request.
	*
	* @param \Illuminate\Http\Request $request
	* @param \Closure $next
	* @return mixed
	*/
	public function handle($request, Closure $next)
	{
	$url = str_replace($request->url(), "", $request->fullUrl());
	$input = $request->all();

	array_walk_recursive($input, function (&$input) {
	$input = strip_tags($input);
	});

	if (preg_match('/[\'^£$%&*()}{@#~><>\|_+¬-]/', $url))
	return redirect($request->url() . "/" . preg_replace('/[\'^£$%&*()}{@#~><>\|_+¬-]/',"",strip_tags($url)));

	$request->merge($input);
	return $next($request);
	}
	}