HTML Escape Sequences and Preview Post,
Members - Reputation: 360
Posted 28 September 2012 - 06:51 PM
Unfortunately, hitting 'preview post' replaces escaped characters with unescaped characters. Thus, hitting 'preview post' twice in a row will result in two different-looking previews, as the second time the now-unescaped characters will be removed. 'preview post' changing what your post will look like upon submit is most certainly a bug.
Could you just automatically replace symbols like < with their escape sequences upon submit? I think the entire rest of your system would work well enough with just that. And it doesn't do anything a user couldn't do themselves, so it could not possibly be a security issue.