如何过滤掉这些javascript破坏代码,有通用的函数吗?
<img src="javascript:alert(/xss/)" width=100>
<img src="javascript:alert(/xss/)" width=100>
<img src="javas cript:alert(/xss/)" width=100>
<img src="#" onerror=alert(/xss/)>
<img src="#" style="Xss:expression(alert(/xss/));">
<img src="#"/**/onerror=alert(/xss/) width=100>
---------------------------------------------------------------