wysiwyg editor and security

Question

How i can solve the securitty problems that there are using the wysiwyg editor on my Q&A site?

Ther are a lor of attacks of any type and it appear to be really more volnerable that not using it!

But i love it and i'd want to use or to have a solution to win a better security!

 

Thanks at alla

Answer 1

How do you know the attacks you get are related to the wysiwyg editor? You might want to consider to turn the editor a time off and see if that helps.

Comments

From my system engineer that monitoring the domain rsult that is affected by a lot of attacks of any type and also thw uesrs that can write html code on the post has caused some times problems of security.
For this i've turned off and now thhose attacks there aren't been never but i like very much that editor and to have the possibility to upload screenshot or to can easily manage the text are options for me necessary.
For this reason i'm asking to the Q&A experts if someone know a solution or an other editor pore tested on security or also if some other user has the same problem that my engineers are saying to me!
Thanks at all

Answer 2

All input that comes through the WYSIWYG editor is sanitized by the htmLawed library included with Q2A.. So if you are seeing malicious HTML code get through, it is a bug that we should know about. Please provide specific examples.

Comments

Now i do not know a specific example but only that my sysstem engineer ha said to me to uninstall the wysiwyg editor and i'd want to use it as soon as possible.
can you say me what exactly i can ask them? they ever speak really hard and technic and often is impossible to understand but i'm sure that must be a solution because i see a lot of Q&A sites installed  on the web sites that use the wysiwyg editor is correct?