Nice. Can I ask what your strategy is for sanitizing HTML that comes in through comments?
I'm not sure how to give a short answer to this. There's a lot of custom code in the engine dedicated to filtering, most of which is influenced by Cocoa designs. The grunt work is handled by a combination of built-in PHP mechanisms and custom sets of regular expressions. I give the custom filters first crack, and whatever's left is handed over to Markdown.
I thought about releasing all of this stuff to the public, and I still could. It just seems like there are a number of good web frameworks in Rails and Django, and I don't want to muddy the waters unless there's a really good reason.
by Scott Stevenson — Apr 01
I'm not sure how to give a short answer to this. There's a lot of custom code in the engine dedicated to filtering, most of which is influenced by Cocoa designs. The grunt work is handled by a combination of built-in PHP mechanisms and custom sets of regular expressions. I give the custom filters first crack, and whatever's left is handed over to Markdown.
I thought about releasing all of this stuff to the public, and I still could. It just seems like there are a number of good web frameworks in Rails and Django, and I don't want to muddy the waters unless there's a really good reason.