Hi, I wanted to followup on this thread - http://markmail.org/message/p776jdk35ni6fjof
I'd like to prevent javascript entered in title, entry and about section from being executed. Is there a setting or utils method that is available? If not, would this be something similar to whats done for utils.escapeHTML. Our current _day.vm uses $entry.displayContent to display the entry. I'd like the allow HTML but NOT javascript. Is this a matter of doing replace String for <script>? I'm running 4.01 on WLS 11g and Oracle DB. Thanks, Van
