Plug-ins Available Protect Against Malicious Code?

Hi - I have a form on one of my views that allows non-registered and
registered users to comment on a photo. I'd like to be able to let
users enter simple HTML tags such as links and images, but no no
iframes, JS, etc. Is there a plug-in out there that will get me most
(if not all) the way there? I've searched the ROR plugin site at but have not found anything.

Thanks in advance,


Great - Thanks Chris!