Disable Javascript in TinyMCE

Is there any plug-in/way to disable java-s开发者_如何学Gocript inside tinymce ? I don't want people to allow tags or any inline java-scripts.

Check out the valid_elements option:

The valid_elements option defines which elements will remain in the edited text when the editor saves. You can use this to limit the returned HTML to a subset.

This option contains a comma separated list of element conversion chunks. Each chunk contains information about how one element and its attributes should be treated. The default rule set for this option is specified below.

This issue were been raised as security vulnerability issue and We were using 3.4.9 version of tinymce.Using below snippet we fixed this issue.

tinyMCE.init({
 invalid_elements : "script",
});

Refer tinymce wiki http://www.tinymce.com/wiki.php/Configuration:invalid_elements