If you are using or can upgrade, this is built in with CF7. There is a new
scriptprotect attribute for the cfapplication tag which will search the
different scopes and parse out any "bad" javascript chars.

---nimer


"minasaywhat" <webforumsuser@macromedia.com> wrote in message
news:cutb57$ij3$1@forums.macromedia.com...
> I'm trying to secure our server &amp; ColdFusion. I've been reading
> Macromedia
> tips on securing your application and they suggest using HTMLEdit() and
> XMLEdit() so that hackers can't execute code on users machines using
> malicious
> JavaScript. Anyone know how to use this? The CFML reference book is not
> helping me... Thanks
>