Is Markdown (with strip_tags) sufficient to stop XSS attacks?

温柔的废话 2020-12-16 01:31

I'm working on a web application that allows users to type short descriptions of items in a catalog. I'm allowing Markdown in my textareas so users can do some HTML format

7 Answers
  •  佛祖请我去吃肉
    2020-12-16 02:17

    BBcode provides more safety because you are generating the tags.

    If is allowed, this will go straight through strip_tags ;) Bam !
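
The point above about generating the tags yourself, as an added PHP example (not code from the original thread): escape all input first, then emit only a fixed set of tags the renderer builds. The function name `render_bbcode`, the tag subset and the sample input are assumptions made for illustration.

```php
<?php
// Added example: escape everything, then emit only renderer-built tags.
function render_bbcode(string $input): string
{
    // 1. Neutralise all user-supplied markup; no live <, >, quotes or & remain.
    $html = htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // 2. Paired tags map to fixed, attribute-free elements.
    foreach (['b' => 'strong', 'i' => 'em', 'u' => 'u'] as $bb => $tag) {
        $html = preg_replace(
            '#\[' . $bb . '\](.*?)\[/' . $bb . '\]#is',
            '<' . $tag . '>$1</' . $tag . '>',
            $html
        ) ?? $html;
    }

    // 3. [url=...]: the href is the only attribute, built here, http(s) only.
    $html = preg_replace_callback(
        '#\[url=(.*?)\](.*?)\[/url\]#is',
        function (array $m): string {
            $target = htmlspecialchars_decode($m[1], ENT_QUOTES);
            if (!preg_match('#^https?://[^\s"\'<>]+\z#i', $target)) {
                return $m[0]; // rejected: stays as inert text
            }
            // $m[1] is still entity-escaped, so it is safe inside the attribute.
            return '<a href="' . $m[1] . '" rel="nofollow noopener">' . $m[2] . '</a>';
        },
        $html
    ) ?? $html;

    return nl2br($html);
}

// Constructed sample input (not from the original page).
$sample = "[b]Oak table[/b] <a href=\"#\" onclick=\"x()\">click</a>\n"
        . "[url=javascript:x()]bad[/url] "
        . "[url=https://example.com/?a=1&b=2]specs[/url]";
echo render_bbcode($sample), "\n";
```

Raw HTML in the input and rejected `[url]` targets come out as escaped text, so the only live markup in the result is what the renderer itself wrote.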
