I am very interested in ensuring that the html input I get from our users does not contain any javascript. I have tried to put javascript in an html tag in my current installation which CuteEditor does not seem to cleanup - see example below.
Is there anyway CuteEditor will/can do this or will I have to clean the input myself?
Example:
<div onmouseover="top.location='http://www.cafepress.com/cp/sotd.aspx?storeid=pearls'">Writing something
here</div>
This forum if nothing else seems to disallow javascript event attributes.
/Thomas