kses is an HTML/XHTML security filter that removes all unwanted HTML elements and attributes, no matter how malformed the HTML input you give it. It also does several checks on attribute values. It can be used to avoid cross-site scripting (XSS), buffer overflows, and denial of service attacks. It is used by popular programs such as WordPress and Geeklog.