On Thu, Dec 21, 2006 at 03:02:11PM -0500, Daniel Ouellet wrote: > Sorry for this off topic question, but I get more and more requests to > have WYSIWYG editing on web management servers. I have been resisting > this for many years so far as I hate this, but look likes more and more > demands may force me to do it anyway.
> Any valid feedback on the security and stability of this one on OpenBSD, > or any other prefer. I am looking more for security and stability oppose > to bell and whistle and features. > The archive point me only this one post of TinyMCE: > http://marc.theaimsgroup.com/?l=openbsd-misc&m=113468845728612&w=2 > Any feedback and/or suggestions would be greatly appreciated if any. Don't know if konqueror or TinyMCE is deficient, but they don't play together... As far as WYSIWYG editing goes, the main problem with TinyMCE is a design issue: what you see is all that you get. When was the last time you had a website that was actual static html ? you're going to get lots of banner material, and a big part of the site is going to be generated with template stuff... or if you want a nice look, you're pretty much going to want your own classes and stuff like that. TinyMCE is cute, but it's pretty much designed to handle `old-style' HTML. If you use it to create big chunks of web sites, you're soon going to end up with some hand-coded mess. As far as grabbing and sanitizing the resulting html, there are tools out there that can do that. My perl background prompts you to recommend HTML::Tree, which creates a proper parsed tree from an HTML document, and allows you to clean it up. So my assessment is that this kind of tool is pretty much limited if you actually want good-looking sites... no actual security problem per se (not more than usual form-based editors, at least on the server side). I think that, to go further, you need actual development tools that you can customize to the level of your website code. I assume eclipse will have this kind of plugin. The kde webdev suite is definitely a nice candidate there, though I haven't tried to customize it to get WYSIWYG editing of my Mason/Catalyst code...
