[development] How to control HTML user input preserving the "style" attributes?
leob at media.mit.edu
Mon Oct 23 13:11:13 UTC 2006
I am creating an about_me.module to provide users with a customizable "about
me" page. That page is to be very simple: a title field and a textarea for
users to write whatever they want. Ideally, users should be able to
customize their pages either by writing directly in HTML or by using
The problem that I'm having is that the formatting added by TinyMCE
(especially the "style" attributes) are being filtered out by filter.module.
An alternative would be to not filter the HTML tags at all, but I'm afraid
that would add potential risks to my website. Is there any solution for this
problem? What would you recommend?
Thanks in advance,
More information about the development