A microapp built on App Engine that sanitizes HTML snippets. - DeWitt Clinton via Bookmarklet

See http://friendfeed.com/e... for background. - DeWitt Clinton

Made a little tweak to accept short bits of content in the get request itself, which would work well with the jsonp style callbacks. - DeWitt Clinton

Is this a bug? Should be escaped right... http://html-whitelist.appspot.com/whiteli...<script>This+should+be+escaped</script> - nadim

I think it is being escaped. Try viewing source of the html response, or make the &json=1 request. When it is displayed directly to the browser the escaped < characters cause the tag to be shown to the user, but not interpreted by the browser. - DeWitt Clinton

You're right, my mistake. - nadim

Added better support for POST handling and a demonstration on the homepage. - DeWitt Clinton

The point of course not being the application itself, but that it could be written in an hour or two on a whim and can be thrown out there on the net to run at scale with literally zero effort. - DeWitt Clinton

Last update: I added support for multiple sanitizing rulesets and implemented the "atwood" mode. Readers of http://refactormycode.com/codes... will get the joke. - DeWitt Clinton

Some one help me about use PHP for write whitelist tags. Please send me : thp_1981@yahoo.com or dungdetest@gmail.com - doremon

@doremon -- you can use the html-whitelist web service from a PHP application by using the 'file_get_contents' or 'file_post_contents' methods (http://us.php.net/file_ge... and http://us.php.net/file_ge..., respectively). I'm not a PHP programmer, but perhaps someone who is could write up some example code. - DeWitt Clinton

thanks DeWitt Clinton,but my web site can not use web service. I write success whitelist html, but it's simple check tags allow, enough tag, postion of tags. I look at whitelist of "http://simonwillison.net/2008...", it's checked well. Some one help me . - doremon