实例:
xss.xml
<?xml version="1.0" encoding="UTF-8"?>
<filters>
<filter>
<id>1</id>
<rule><![CDATA[(?:"[^"]*[^-]?>)|(?:[^ws]s*/>)|(?:>")]]></rule>
<description>finds html breaking injections including whitespace attacks</description>
</filter>
</filters>
1.使用$result = simplexml_load_file ( 'xss.xml', 'SimpleXMLElement', LIBXML_NOCDATA );
2.使用$result = getElementByTagName("rule")读取文本,再使用str_replace()用空格替换<![CDATA[( && )]]>,最后使用trim(string,charlist)[charlist=""]删除字符串两端的空格!