Quote:
Thus, any WYSIWYG editors work non-sense.
? What do you mean? Every WYSIWYG editor IS non-sense or PRODUCES non-sense?
From the viewpoint of usability the crippleware XOOPS DHTML editor is non-sense.
As for tinyeditor (or tinyMCE) WYSIWYG is a BIT safer, since this editor uses his own sanitizer. I DO know that client-side sanitizing is not the best thing to rely on, but it is a start. Maybe there should be another server-side sanitizer checking the HTML code again.
Maybe it would be a good option to let the user of your modules decide if they want to use WYSIWYG? Make a BIG FAT warning and you are out of responsibility.
Just a thought, as I know that
is already evil.