Haven’t been able to find a good enough answer on whether using
sanitize() is enough to really protect me from XSS attacks
I basically have a blog page that I want to allow people to display
comments on but would like to allow html tags to be posted on the
comments, these could html tags like the imageshack img tags, youtube
player, photobucket img tags etc
any other approaches or suggestions to this problem are appreciated!
thanks!