It is a pain to have to sanitize output by enabling the HTML filter, make sure the order is correct, and then add a whole lot of very common tags.
It would be great to have sanitization a built in option to the Writeup filter, since it is used so often. Ideally it would allow all tags that are not dangerous and to run the final page through the Drupal filter_xss() function.

Comments

anne_g’s picture

It would be more useful to be able to change this option on a format by format basis. That way, for example, user comments can be completely locked down, but a content administrator can insert a script in a page if necessary.

andrewfn’s picture

Status: Active » Fixed

Excellent idea! This has been implemented in the most recent version.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.