security and wysiwyg form editors

    Date: 07/17/06 (Web Development)    Keywords: html, security

    I posted not too long ago asking for recommendations for wysiwyg form editors. I.e. I want my users to be able to use a wysiwyg editor when using my site. I got a lot of great recommendations, but now I have another question. How do you handle security with these and prevent things like xss, since these editors typically send html text? I know that parsing html is one option, but it is not simple. If you're curious about the difficulties in "cleaning" up html then read this: http://namb.la/popular/tech.html

    What would be ideal is a wysiwyg editor that doesn't pass pure html but something like bbcode or markdown. Anyone have any recommendations?

    Source: http://community.livejournal.com/webdev/335363.html
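
The alternative the post asks about, sketched as an added example that is not part of the original post: the server accepts BBCode only, HTML-escapes the whole submission first, then expands a small allowlist of tags into fixed HTML. The function names, the tag set and the URL scheme allowlist are assumptions chosen for illustration.

```python
import html
import re
from urllib.parse import urlsplit

# Assumed allowlist: BBCode tag -> the only HTML element it may become.
SIMPLE_TAGS = {"b": "strong", "i": "em", "u": "u", "quote": "blockquote"}
# Assumed scheme allowlist; anything else (javascript:, data:, ...) stays inert.
SAFE_SCHEMES = {"http", "https", "mailto"}

# The URL may not contain ']' or whitespace, so it can never hold a full tag.
URL_TAG = re.compile(r"\[url=([^\]\s]+)\](.*?)\[/url\]", re.I | re.S)


def _render_url(match):
    """Turn one [url=...] match into a link, or leave it as plain text."""
    escaped_url, label = match.group(1), match.group(2)
    try:
        # Input is already HTML-escaped; unescape only to inspect the scheme.
        scheme = urlsplit(html.unescape(escaped_url)).scheme.lower()
    except ValueError:  # malformed URL, e.g. an unbalanced '[' in the host
        return match.group(0)
    if scheme not in SAFE_SCHEMES:
        return match.group(0)
    # The escaped form goes into the attribute, so quotes cannot break out.
    return '<a href="{}" rel="nofollow noopener">{}</a>'.format(escaped_url, label)


def render_bbcode(text):
    """Render untrusted BBCode to HTML without ever trusting user markup."""
    # Step 1: neutralise every character that is special in HTML.
    out = html.escape(text, quote=True)
    # Step 2: links first, so later substitutions cannot alter an href.
    out = URL_TAG.sub(_render_url, out)
    # Step 3: expand allowlisted paired tags into fixed elements.
    for bb, tag in SIMPLE_TAGS.items():
        pattern = re.compile(r"\[{0}\](.*?)\[/{0}\]".format(bb), re.I | re.S)
        out = pattern.sub(r"<{0}>\1</{0}>".format(tag), out)
    return out


if __name__ == "__main__":
    # Constructed sample input mixing raw HTML, a valid tag and a bad link.
    sample = '<img src=x onerror=alert(1)> [b]bold[/b] [url=javascript:alert(1)]x[/url]'
    print(render_bbcode(sample))
```

Because escaping happens before any tag is expanded, the only angle brackets in the output are ones this code wrote itself.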
