TinyMCE


Lei 14 post(s)

I really like the TinyMCE editor, but I just wonder how safe it is to use it without escaping the body text at all on the show page. Wouldn’t it be possible for someone to insert problematic tags by editing the HTML source through the editor? Or perhaps I should just configure it to not allow any editing through the source. And are there any other situations where the editor may cause security problems?

EldonAlameda Administrator 196 post(s)

Any time you’re accepting input from users you need to use careful consideration—especially when you’re then going to turn around and redisplay their input back within your application.

I thought I touched on it within the chapter, but it may not have made it into the final revision. I made the choice for this specific application to be a little more lenient due to the fact that membership was limited and controlled (i.e. not just anyone could sign up and start posting) and because it was intended for a very tight-knit group of users to whom a certain amount of trust could be granted that they wouldn’t mess it up for each other.

If this had been for public use, or if I were concerned about the users, then I would have absolutely locked down the system quite a bit more and implemented something like Rick Olsen's White List plugin http://svn.techno-weenie.net/projects/plugins/white_list/
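The allowlist approach described above, as an added example that is not from either post and is not the white_list plugin's own code: rich-text HTML from the editor is tokenized, tags and attributes outside a small allowlist are dropped or rendered as literal text, and `href` values are accepted only with known-safe schemes. The tag and attribute lists are illustrative assumptions; a production application should use a maintained sanitizer library rather than this hand-rolled tokenizer.

```ruby
require 'cgi'

# Allowlist of tags the editor commonly emits that are harmless to render (illustrative).
ALLOWED_TAGS  = %w[p br b i u em strong ul ol li blockquote a].freeze
# Attributes allowed per tag; everything else (style, on* handlers, ...) is dropped.
ALLOWED_ATTRS = { 'a' => %w[href] }.freeze
# href values must use one of these schemes or be a site-relative (not protocol-relative) path.
SAFE_URL      = %r{\A(?:https?://|mailto:|/(?!/))}i

TOKEN = /<\/?[a-z][^<>]*>|[^<]+|</i          # a tag, a run of text, or a stray '<'
TAG   = /\A<(\/?)([a-z][a-z0-9]*)([^<>]*)>\z/i
ATTR  = /([a-z][\w-]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/i

# Decode then re-encode so text is entity-encoded exactly once (editors already emit &amp; etc.).
def escape_text(text)
  CGI.escapeHTML(CGI.unescapeHTML(text))
end

def clean_attrs(tag, raw_attrs)
  allowed = ALLOWED_ATTRS.fetch(tag, [])
  raw_attrs.scan(ATTR).map do |name, dq, sq, bare|
    name = name.downcase
    next unless allowed.include?(name)
    # Decode entities and strip control characters/whitespace so "java\tscript:" cannot slip past.
    value = CGI.unescapeHTML(dq || sq || bare).gsub(/[\x00-\x20]/, '')
    next if name == 'href' && value !~ SAFE_URL
    %( #{name}="#{CGI.escapeHTML(value)}")
  end.compact.join
end

def sanitize_token(tok)
  m = TAG.match(tok)
  return escape_text(tok) unless m                                # plain text or a lone '<'
  closing, name, rest = m[1] == '/', m[2].downcase, m[3]
  return CGI.escapeHTML(tok) unless ALLOWED_TAGS.include?(name)   # unknown tag shown literally
  return "</#{name}>" if closing
  "<#{name}#{clean_attrs(name, rest)}>"                           # rebuilt from allowed attrs only
end

def sanitize_html(html)
  html.gsub(TOKEN) { |tok| sanitize_token(tok) }
end
```

Escaping (rather than silently deleting) unknown tags keeps the behaviour visible to moderators reading the rendered page.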