I am writing a site that works sort of like a forum such as the JavaRanch forums. I have a Rich Text Editor I am using to allow users to write whatever they like in their post.
I'd like to allow developer posts in which code may be included. In doing so I open up the possibility of people injecting client side scripts that download malware or otherwise cause annoyances or harm to peoples computers.
What are the recommended methods for allowing people to post code without exposing your application to malicious code that will execute when end-users read their posts?