XSS problems
francescovenica opened this issue · 0 comments
francescovenica commented
Using something like javascript:alert('Oopsie!');
in a URL lets the user run any JavaScript function... is there a way to sanitise this control?
For sure the real sanitisation should be done on the server side when saving the content of the editor, but maybe it could be good to stop this on the frontend too.
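
One way to do the frontend check asked about above, as an added example that is not part of the original issue or the project's code: parse the link value with the same WHATWG URL rules the browser applies, then allow only an explicit list of protocols. The names `sanitizeLinkUrl`, `ALLOWED_PROTOCOLS` and `DUMMY_BASE`, and the protocol list itself, are assumptions.

```javascript
// Added example (not the project's code): allow-list check for a link URL
// typed into an editor, using the built-in WHATWG URL parser.

// Assumed policy: only these protocols may be stored in a link.
const ALLOWED_PROTOCOLS = new Set(['http:', 'https:', 'mailto:']);

// Placeholder base, used only to validate relative links such as "/docs/page".
const DUMMY_BASE = 'https://editor.invalid/';

// Returns a value that is safe to assign to a link's href, or null to reject.
function sanitizeLinkUrl(input) {
  if (typeof input !== 'string') return null;

  let parsed;
  let absolute = true;
  try {
    // The parser lower-cases the scheme and strips tabs, newlines and
    // leading control characters, so " JaVa\tScRiPt:" is still seen as
    // "javascript:" here, exactly as a browser would see it.
    parsed = new URL(input);
  } catch {
    absolute = false;
    try {
      parsed = new URL(input, DUMMY_BASE); // no scheme: relative reference
    } catch {
      return null; // not parseable at all
    }
  }

  if (!ALLOWED_PROTOCOLS.has(parsed.protocol)) return null;

  // Absolute links are returned in normalised form; relative links are
  // returned as typed, because they inherit the page's own scheme.
  return absolute ? parsed.href : input.trim();
}

// Constructed sample inputs.
for (const sample of [
  "javascript:alert('Oopsie!');",
  ' JaVa\tScRiPt:alert(1)',
  'https://example.com/a?b=1',
  '/docs/page#top',
]) {
  console.log(JSON.stringify(sample), '->', sanitizeLinkUrl(sample));
}
```

Assign the returned value through the DOM (`element.setAttribute('href', value)`) rather than building an HTML string, and repeat the same allow-list check on the server when the content is saved.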