As I like thinking outside of the box i would recommend Textile and
Markdown:
http://www.elated.com/articles/textile-markdown-nice-alternatives-to-wysiwyg-editors/
Regards,
Maurits
On 10/04/2010 07:02 PM, Loic Duros wrote:
> Hello,
>
> I'm currently building a blog with CakePHP, and I would like to
> sanitize/filter my posts before they are displayed on screen to prevent
> cross-site scripting. However, I would still like to allow for a great
> deal of HTML markup and attributes in the HTML. I have tried using the
> Sanitize Core Library but, as far as I know, it doesn't allow for
> filtering some tags while keeping others. As a result, I'm looking into
> HTML Purifier (http://htmlpurifier.org/) to do the job in my controller
> and/or view template files. I found the following Brita Component in the
> Bakery:
> http://bakery.cakephp.org/articles/view/brita-component-with-html-purifier
>
> I wonder however if anyone has implemented such a filtering/sanitizing
> solution for their site and if I'm missing something obvious I should be
> using to secure my site on that end.
>
> Thank you,
>
> Loic
>
> Check out the new CakePHP Questions site http://cakeqs.org and help
> others with their CakePHP related questions.
>
> You received this message because you are subscribed to the Google
> Groups "CakePHP" group.
> To post to this group, send email to
> cake-php@googlegroups.com
> To unsubscribe from this group, send email to
> cake-php+unsubscribe@googlegroups.com For more
> options, visit this group at http://groups.google.com/group/cake-php?hl=en
Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
No comments:
Post a Comment