> > CLEANUP(re.compile('<script.*?</script>', re.S|re.I))
>
It's not enough to exclude only <script> tags -- you're better off allowing only a whitelist of tags and attributes. When displaying the output, you could do XML(user_html, sanitize=True). See http://web2py.com/books/default/chapter/29/5#XML.

Anthony
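
The point of the reply above, as an added example that is not part of the original thread and is not web2py's own sanitizer: a small allowlist filter built on the standard-library `html.parser`, compared with the quoted `<script>` regex on a constructed input. The allowlist contents, `SAFE_URL`, and the `sanitize` and `AllowlistSanitizer` names are assumptions made for the illustration.

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed allowlist for this example: tag -> permitted attributes.
ALLOWED_TAGS = {"a": {"href", "title"}, "img": {"src", "alt"},
                "b": set(), "i": set(), "p": set(), "br": set()}
VOID_TAGS = {"br", "img"}
SAFE_URL = re.compile(r"^(https?://|mailto:|/|#)", re.I)
SCRIPT_RE = re.compile('<script.*?</script>', re.S | re.I)  # pattern from the quoted post

class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.skip = 0  # depth inside <script>/<style>; their text is dropped

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self.skip += 1
            return
        if self.skip or tag not in ALLOWED_TAGS:
            return  # unknown tags are dropped, their text is kept (escaped)
        kept = []
        for name, value in attrs:
            value = value or ""
            if name not in ALLOWED_TAGS[tag]:
                continue  # removes on* handlers, style, and anything unlisted
            if name in ("href", "src") and not SAFE_URL.match(value.strip()):
                continue  # removes javascript:, data: and other schemes
            kept.append(' %s="%s"' % (name, escape(value, quote=True)))
        self.out.append("<%s%s>" % (tag, "".join(kept)))

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def sanitize(user_html):
    parser = AllowlistSanitizer()
    parser.feed(user_html)
    parser.close()
    return "".join(parser.out)

# Constructed sample: contains no <script> tag, so SCRIPT_RE leaves it untouched.
SAMPLE = ('<p onclick="alert(1)">hi <a href="javascript:alert(1)">x</a>'
          '<img src="/a.png" onerror="alert(1)"></p>')
```

In a web2py application, XML(user_html, sanitize=True) as suggested in the reply is the supported route; this sketch only shows why an allowlist catches what the regex misses.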