Forum OpenACS Q&A: Re: RFC: Security policy for OpenACS (Security hole in OpenACS 5.1!)

One important note: OpenACS 5.1 and all prior versions, to my knowledge, do ship with a setting that causes it to only allow HREF, TITLE, NAME and ID attributes on HTML tags, so you can't do the image thing.

In fact, you can't post any images at all. And you can't use the htmlArea, because that will generate SPAN tags with STYLE attributes.

We really need something that can sanitize/secure posted HTML, as currently the only solution that will allow people to post images and use htmlArea, two very reasonable use-cases in my opinion, is to change the default setting to something more permissive.

A solution is really required. Any volunteers?

/Lars
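Added example, not OpenACS code (OpenACS is Tcl; this is a Python stand-in): an attribute-allowlist sanitiser showing why the setting described above blocks images and htmlArea output, beside a hypothetical more permissive per-tag policy that admits IMG SRC and SPAN STYLE while still checking URL schemes. The tag allowlist and both policies are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed policies. STRICT mirrors the post's description of the 5.1
# default: whatever the tag, only these attributes survive.
STRICT = {"*": {"href", "title", "name", "id"}}
# Hypothetical permissive policy: per-tag additions for IMG and SPAN.
# Admitting STYLE reopens CSS-based risks; it is here only to show the trade-off.
PERMISSIVE = {"*": {"href", "title", "name", "id"},
              "img": {"src", "alt"}, "span": {"style"}}
ALLOWED_TAGS = {"a", "p", "b", "i", "ul", "li", "br", "img", "span"}  # constructed
SAFE_SCHEMES = {"http", "https", ""}  # "" = relative URL

class AllowlistSanitizer(HTMLParser):
    """Re-emits a fragment keeping only allowed tags and allowed attributes."""
    def __init__(self, policy):
        super().__init__()
        self.policy, self.out, self.dropped = policy, [], []

    def allowed(self, tag, attr):
        return attr in self.policy.get("*", set()) | self.policy.get(tag, set())

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            self.dropped.append((tag, None))          # tag removed, its text kept
            return
        kept = []
        for name, value in attrs:
            name, value = name.lower(), value or ""
            if not self.allowed(tag, name):
                self.dropped.append((tag, name)); continue
            # URL-bearing attributes must also carry a safe scheme.
            if name in ("href", "src") and urlsplit(value).scheme.lower() not in SAFE_SCHEMES:
                self.dropped.append((tag, name)); continue
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)              # avoid emitting </img>

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(html.escape(data))            # text is always re-escaped

def sanitize(fragment, policy):
    """Return (sanitised_html, list_of_dropped_(tag, attr)) for a fragment."""
    p = AllowlistSanitizer(policy)
    p.feed(fragment); p.close()
    return "".join(p.out), p.dropped
```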