[development] How to control HTML user input preserving the "style" attributes?

Leo Burd leob at media.mit.edu
Mon Oct 23 13:11:13 UTC 2006

Hello there,

I am creating an about_me.module to provide users with a customizable "about 
me" page.  That page is to be very simple: a title field and a textarea for 
users to write whatever they want.  Ideally, users should be able to 
customize their pages either by writing directly in HTML or by using 

The problem that I'm having is that the formatting added by TinyMCE 
(especially the "style" attributes) are being filtered out by filter.module. 
An alternative would be to not filter the HTML tags at all, but I'm afraid 
that would add potential risks to my website. Is there any solution for this 
problem? What would you recommend?

Thanks in advance,


More information about the development mailing list