I have added the CKEditor to Cake and changed the JS config to only allow <ul><li> and <b> tags, but is there a security measure to prevent the user from modifying the code? I can firebug the editor and add class="something" or whatever and destroy the view. How can you prevent anything like that? I tried beforeSave to stripAll but it still ends up in the db.
Any ideas how to implement the editor safely?
Thanks
Dave
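
An added example, not part of the post above and not code from CakePHP or CKEditor: the editor's JS config runs in the browser and can be bypassed, so the same allowlist has to be re-applied on the server before the value is saved. The function names, the drop list and the sample input are assumptions for illustration; the code uses PHP's bundled DOM extension.

```php
<?php
// Added example (not from the original post). Function names, the drop list
// and the sample input are illustrative assumptions.

// Elements removed together with everything inside them.
const DROP_WITH_CONTENT = ['script', 'style', 'iframe', 'object', 'embed'];

// Rebuild markup from the parsed tree: text is re-escaped, allowed tags are
// re-emitted with no attributes, any other tag is unwrapped (children kept).
function renderAllowed(DOMNode $node, array $allowed): string
{
    $out = '';
    foreach ($node->childNodes as $child) {
        if ($child instanceof DOMText) {
            $out .= htmlspecialchars($child->nodeValue, ENT_QUOTES, 'UTF-8');
        } elseif ($child instanceof DOMElement) {
            $tag = strtolower($child->nodeName);
            if (in_array($tag, DROP_WITH_CONTENT, true)) {
                continue;
            }
            $inner = renderAllowed($child, $allowed);
            $out .= in_array($tag, $allowed, true) ? "<$tag>$inner</$tag>" : $inner;
        }
        // Comments, doctype and processing instructions are dropped.
    }
    return $out;
}

function sanitizeEditorHtml(string $html, array $allowed = ['ul', 'li', 'b']): string
{
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true); // silence warnings on tag soup
    // The XML declaration prefix makes libxml treat the input as UTF-8.
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    return renderAllowed($doc, $allowed);
}

// Constructed input: what a tampered POST could contain despite the JS config.
$posted = '<ul class="something" onclick="x()"><li><b>ok</b>'
        . '<script>x()</script><i>plain</i></li></ul>';
echo sanitizeEditorHtml($posted), PHP_EOL;
```

Because the output is rebuilt from the parsed tree rather than filtered with string replacement, attributes such as class or onclick can never reach the database. Assign the returned value back to the field in the model's beforeSave so that the sanitized string is the one that gets stored.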