1 

     2 WYSIWYG - What You See Is What You Get

     3     HTML Purifier: A Pretty Good Fit for TinyMCE and FCKeditor

     4 

     5 Javascript-based WYSIWYG editors, simply stated, are quite amazing.  But I've

     6 always been wary about using them due to security issues: they handle the

     7 client-side magic, but once you've been served a piping hot load of unfiltered

     8 HTML, what should be done then?  In some situations, you can serve it uncleaned,

     9 since you only offer these facilities to trusted(?) authors.

    10 

    11 Unfortunantely, for blog comments and anonymous input, BBCode, Textile and

    12 other markup languages still reign supreme.  Put simply: filtering HTML is

    13 hard work, and these WYSIWYG authors don't offer anything to alleviate that

    14 trouble.  Therein lies the solution:

    15 

    16 HTML Purifier is perfect for filtering pure-HTML input from WYSIWYG editors.

    17 

    18 Enough said.

    19 

    20     vim: et sw=4 sts=4