Has something changed?

Maybe something implicit in the PHP upgrade. I've been having the problem since before then, but I've seen it mentioned more after then.

Yeah, I had it too. But I was lazy and didn't mention it.

The last time I sucked complete threads and saved them was late April.

And that's what I think is key -- it's the poster's job to make it look like they want. It's our job to protect the innocent bystanding posts.

Seconding this. However, t a href='http://buffistas.org" does not get fixed, per se, with Tidy 1 (the board version), it merely gets contained. The unmatched delimeter gets converted to an entity. Like this: t a href='http://buffistas.org/"%3E'

Since we already have a better answer than that, I will put in a little post-tidy code to fix it up.

The most mangled html I came up with off the top my head was a busted font tag inside a broken anchor tag. The font tag was between the anchor's 'a' and its 'href'. All kinds of illegal. Tidy cleaned it up right nicely, moving the font outside the anchor and closing both tags real prettily. Impressive.

Does tidy have an option to strip Javascript? There's a number of nasty exploits you can do if you can embed Javascript in a post, and it would be nice to prevent them.

Do we even allow a t script tag? If so, it's easy to strip them out without tidy since we already do that with lots of other tags.

This may just be my browser, but starting here Jessica "Coffee On My Monitor" Oct 30, 2002 11:06:11 pm PST, there is a whitefont problem that goes on for a number of posts.

etbe more specific. Things go back to normal in post 656.

We only let a handful of tags through -- t script isn't one of them. Is there anywhere else it can be embedded?

I think I fixed it Lee. Please check since it wasn't a problem in my browser.

Tidy won't strip javascript, but the replacement t 's with their entity counterparts already disables in script.