All code licensed under the GPL (any version)
http://www.gnu.org/licenses/gpl.html

***WARNING***
DO NOT USE THIS CODE IN PRODUCTION FOR XSS FILTERING. IT'S QUITE OLD AND CERTAINLY
VERY INSECURE. (The last update of this branch was Oct 2001!)

As of 2010 the most updated/comprehensive XSS filter is: http://htmlpurifier.org/

I've put this up for posterity and also from a request by the WP team to relicense
the code as GPL (instead of GPL 2.0)

Biographical note: I originally whipped this up during a couple summer days after
graduating from USC mostly as an exercise to learn Cold Fusion 4.0 - I wrote a tag
filter/balancer I believe after a conversation w/ mathowie. balanceTags was written
first in PHP and then transcoded to CF. (incredibly painful)

A few months later, Michel asked/let me know he was using it in b2.

I'm amazed any of it remains in production, but I believe descendants of this code
continue to live on both in Metafilter and WordPress.

See:
http://core.trac.wordpress.org/browser/trunk/wp-includes/formatting.php#L977

That's humbling, amazing, and more than a bit scary. And of course, that's how the
sausage gets made.

(also perhaps of interest, I wrote this stack-based parser w/o having taken a compilers
class or having much understanding of Lex or YACC. I was sure there was a better way to
do it, but no one's bothered to rewrite it, so who knows)