One of the vulnerabilities I noticed recently with the RAD Editor is the ability to inject javascript on the page. Allowing users into the "HTML" view of the page is a little dangerous. Luckily it's not on this page, or all users would be going to my site :). What is the best way to deal with this problem? Not enable HTML view for users?
Thanks,
Sam
Thanks,
Sam