The OWASP AntiSamy project is an API for safely allowing users to supply their own HTML and CSS without exposure to XSS vulnerabilities.
OWASP AntiSamy project (http://www.owasp.org/index.php/AntiSamy) is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.
The methodology of AntiSamy is unique in that it is built on a positive security model in both the format of the HTML document and the content within the document. It's also unique in that it attempts to help the user tune their input to pass validation in a cooperative spirit, rather than treating users as potential attackers which is how all contemporary security mechanisms work.
Download and New features from 1.4 and 1.4.1: http://i8jesus.com