Forum: Ruby on Rails for user submitted content, textile or inspected html ?

nicknameoptional (Guest)
on 2007-04-12 08:24
(Received via mailing list)
I know using another markup language, like wiki syntax or Textile, is to
prevent JavaScript injection. But for users who don't know about wiki
syntax or Textile, I'm thinking about just allowing them to enter plain
HTML, parsing the content, and rejecting all questionable tags and
attributes, only allowing predefined (safe) tags, like bold or italic.

Is using HTML for markup less secure than using non-HTML markup?
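
The allowlist approach described in the question, as an added example in plain Ruby that is not part of the original post and is not Rails' own sanitizer. The tag list, the name `sanitize_allowlist` and the sample inputs are assumptions; only bare allowlisted tags pass through as markup, and anything carrying attributes or not on the list is escaped to text.

```ruby
require "cgi"
require "strscan"

# Assumed allowlist (not from the post): formatting tags only, never attributes.
ALLOWED_TAGS = %w[b i em strong].freeze

# Returns HTML in which only bare allowlisted tags survive as markup.
# Other tags, tags with attributes, and stray '<' are escaped to text.
def sanitize_allowlist(input)
  out = +""
  open_tags = []
  scanner = StringScanner.new(input.to_s)
  until scanner.eos?
    if scanner.scan(%r{<(/?)([A-Za-z][A-Za-z0-9]*)>})
      closing = scanner[1] == "/"
      name = scanner[2].downcase
      if !ALLOWED_TAGS.include?(name)
        out << CGI.escapeHTML(scanner.matched)
      elsif !closing
        open_tags.push(name)
        out << "<#{name}>"
      elsif open_tags.include?(name)
        # Close tags opened after this one so the output stays well nested.
        out << "</#{open_tags.pop}>" until open_tags.last == name
        out << "</#{open_tags.pop}>"
      end
      # A closing tag with no matching open tag is dropped.
    elsif (text = scanner.scan(/[^<]+/))
      out << CGI.escapeHTML(text)
    else
      # A '<' that does not start an exact bare tag: escape it.
      out << CGI.escapeHTML(scanner.getch)
    end
  end
  # Close anything the user left open so it cannot affect the rest of the page.
  out << open_tags.reverse.map { |t| "</#{t}>" }.join
end

# Constructed sample inputs.
if __FILE__ == $PROGRAM_NAME
  ['<b>hi</b>', '<b onclick="x">y</b>', '<b><i>z</b>'].each do |s|
    puts "#{s.inspect} => #{sanitize_allowlist(s).inspect}"
  end
end
```
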