Are you ready to switch to HTML parsing permanently?

Poll: A global switch to HTML parsing

Are you ready?

GHengeveld	#24165 2010-04-17 06:28
Team Thanked: 52 times	Sorry Kilandor, I don't agree with you at all. In my professional opinion, BBcode is a solution to a prehistoric problem, from back in the days when there were no good RTEs around. I simply cannot justify, in ANY way, to make my customers learn BBcodes (no matter how easy it is), while professional solutions offer real time wysiwyg editing. The usability of RTEs is simply a leap ahead of BBcodes. And lets face it: end-users do not care about security issues. They just want something that is easy to use and doesn't require learning anything new. Going into detail on the security aspects of allowing HTML, there are very good solutions around to minimize the risk of a security issue. Purifying code and blacklisting / filtering certain tags is easy to implement and the performance hit is very acceptable, considering the added benefits. I have no intention to remove BBcodes entirely and I would advocate giving the most security minded administrator the option to disable HTML in favor of BBcodes, but in the end I strongly believe HTML should become the default setting.

GHengeveld

#24165 2010-04-17 06:28

Sorry Kilandor, I don't agree with you at all.

In my professional opinion, BBcode is a solution to a prehistoric problem, from back in the days when there were no good RTEs around. I simply cannot justify, in ANY way, to make my customers learn BBcodes (no matter how easy it is), while professional solutions offer real time wysiwyg editing. The usability of RTEs is simply a leap ahead of BBcodes. And lets face it: end-users do not care about security issues. They just want something that is easy to use and doesn't require learning anything new.

Going into detail on the security aspects of allowing HTML, there are very good solutions around to minimize the risk of a security issue. Purifying code and blacklisting / filtering certain tags is easy to implement and the performance hit is very acceptable, considering the added benefits.

I have no intention to remove BBcodes entirely and I would advocate giving the most security minded administrator the option to disable HTML in favor of BBcodes, but in the end I strongly believe HTML should become the default setting.

Yes, if migration is automated	83.3%	65
No, never	1.3%	1
Please support multiple parsers, despite it is hard to maintain!	15.4%	12