So does using $strip help to prevent code exploits?