Richard Davey wrote:
I gave several valid good usability reasons, that I've yet to see anyone provide a coherent reason not to use.
The usability arguments in favor of BBCode are fine. I'm not interested in that debate. I just don't want more people thinking that allowing BBCode somehow protects against XSS.
As far as allowing [red] goes, you can just as easily add <red> to the list of available tags and not have to come up with a replacement for every other HTML tag that already exists.
Chris -- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
