Page 1 of 1

Strip javascript only from richtext form. How?

Posted: Tue Jan 13, 2009 12:43 pm
by jmut
Hi devs,
I am stuck with tinymce legacy code. What I see there is that security lacks big time. I'd like to strip any javascript thingy inside.
I kinda doubt this topic is not addressed in genral but google doesn't give much exact/nice results.
Wonder if anyone have advise on my issue. At first sight I am thinking to just strip any <javascript thingy but that would be too naive.
Cheers.

Re: Strip javascript only from richtext form. How?

Posted: Tue Jan 13, 2009 12:44 pm
by jmut
This might actually be better suited for security. Sorry for that.

Re: Strip javascript only from richtext form. How?

Posted: Thu Jan 22, 2009 1:46 am
by jmut
I wonder if HTML Purifier is suitable for this? Anyone used it as such tool.