Sanitizing html input: youtube iframes, css inline styles and customization by Robert Pankowecki — Today Sometimes we give users tremendous power over the content generated on the web platforms that we write. The power to add content using HTML/WYSIWYG editors. There is only one gotcha. We need to make sure that this power is not abused by malicious users. After all, you are a responsible developer, right? . Find out how to sanitize the input but keep it relaxed enough .