2010/6/10 Daniel Jomphe <[email protected]> > Gareth & Jasvir, > > Anything that runs only client-side is _underkill_ for my needs :) > > I really need server-side sanitization. >
In that case, the PipelineMaker is a good place to start. You probably want the goal PipelineMaker.HTML_SAFE_STATIC. To get content in, take a look at DomParser. cheers, mike > Thanks anyway! :) > > On Jun 10, 4:26 pm, Gareth <[email protected]> wrote: > > On Jun 10, 7:38 pm, Daniel Jomphe <[email protected]> wrote: > > > > > I'm looking at Caja to see if it may be used as a proper sanitizer for > > > what comes out of a TextArea on a web page form, and would then be > > > displayed back on any user's browser. > > > > Caja maybe overkill for such a purpose. I recommendHTMLReg > > > > HTMLReg that I > > have developed, it has been tested by many talented people on > > sla.ckers and although I can't claim it 100% secure because nothing is > > it's pretty good:- > > <http://www.businessinfo.co.uk/labs/HTMLReg/HTMLReg.html> >
