Hello, I want to save some html formatted text (bold, italic and underline only) while preventing XSS.
I have developed a method but I'm not sure if it's OK and I would like your input on this.

First of all I allow any kind of input through TinyMCE. In the controller I replace all allowed tags like <b> and <i> with some bb tags like [b]. I then remove all html tags with Sanitize and replace the bb tags with html tags.

Is this the proper way to do it?

Thanks,
Andrei
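The placeholder round trip described in the post, as an added example that is not part of the original message and is not CakePHP code. It assumes plain PHP `strip_tags()` and `htmlspecialchars()` standing in for CakePHP's Sanitize; the function name and the sample input are hypothetical.

```php
<?php
// Added example: plain PHP stands in for CakePHP's Sanitize (assumption).

const ALLOWED_TAGS = ['b', 'i', 'u'];

// Hypothetical helper: keeps bare <b>, <i>, <u> and drops all other markup.
function sanitize_basic_formatting(string $html): string
{
    $names = implode('|', ALLOWED_TAGS);

    // 1. Swap only bare tags (<b>, </b>) for placeholders. A tag carrying
    //    attributes, such as <b style="...">, does not match this pattern
    //    and is removed in step 2 along with every other tag.
    $text = preg_replace_callback(
        '~<(/?)(' . $names . ')>~i',
        fn(array $m) => '[' . $m[1] . strtolower($m[2]) . ']',
        $html
    );

    // 2. Remove all remaining markup, then encode what is left so stray
    //    <, >, & and quotes are stored as text. The final argument
    //    (double_encode = false) leaves the editor's existing entities alone.
    $text = htmlspecialchars(strip_tags($text), ENT_QUOTES, 'UTF-8', false);

    // 3. Turn placeholders back into fixed tag literals. Only the tag name
    //    from the allowlist is emitted, never user-supplied attributes.
    return preg_replace('~\[(/?)(' . $names . ')\]~', '<$1$2>', $text);
}

// Constructed sample input, as a rich-text editor might submit it.
$sample = '<p>Some <b>bold</b>, <i style="color:red">styled</i> and '
        . '<a href="#">linked</a> text with <u>underline</u> &amp; more.</p>';

echo sanitize_basic_formatting($sample), "\n";
```

A literal `[b]` typed by the user is also turned into `<b>` in step 3, and unbalanced tags (a kept `</i>` whose opening tag was dropped for carrying attributes) are not repaired.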
