[Cryptography] filtering html

Marshall Pierce marshall at mpierce.org
Sun Oct 15 18:27:17 EDT 2017


On 10/15/2017 03:43 AM, James A. Donald wrote:
> It looks like Github Flavored Markdown is Github's solution to this
> problem.
> 
> Instead of attempting the Herculean task of sanitizing arbitrary user
> supplied html, they give the user a language that is less dangerously
> powerful.


Non-HTML markup languages (like Markdown, and BBCode before it) are one
approach, but there are tools for constraining input to a safer subset
of HTML, like AntiSamy:
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project.

-Marshall

