I want to let my 'untrusted' users to use wysiwyg plus to embed videos (at least from YouTube) in their posts. Is there a universal PHP class to filter outputs to protect from xss?
The issue should not only be limited to preventing XSS when adding a YouTube link, what about the rest of the content? There are a couple of options for handling the output of what users may enter, see:
and