Strip javascript only from richtext form. How?
Posted: Tue Jan 13, 2009 12:43 pm
Hi devs,
I am stuck with tinymce legacy code. What I see there is that security lacks big time. I'd like to strip any javascript thingy inside.
I kinda doubt this topic is not addressed in genral but google doesn't give much exact/nice results.
Wonder if anyone have advise on my issue. At first sight I am thinking to just strip any <javascript thingy but that would be too naive.
Cheers.
I am stuck with tinymce legacy code. What I see there is that security lacks big time. I'd like to strip any javascript thingy inside.
I kinda doubt this topic is not addressed in genral but google doesn't give much exact/nice results.
Wonder if anyone have advise on my issue. At first sight I am thinking to just strip any <javascript thingy but that would be too naive.
Cheers.