I was reading an article on the html Editor extender, which makes a textbox into an editor that produces html. Its perfect for my site, except for a few problems. First of all, my site is on a shared public server. This means I don't have "full trust", which means that the safety against XSS (cross site scripting) can't be put in. (The safety is a "sanitzer dll that the control is connected to). So my question is, can I capture the contents of the control in an ASP.net variable, then find some anti-XSS library on the net and apply it to the variable contents, and then store the processed html in a database, for later display on a webpage?
If not, is there a safer alternative to the extender? For instance, there is an older ajax HTML Editor Control, but I don't know that it is safer.