I'm developing a feedreader type app on Appcelorator's Titanium platform which allows cross domain ajax requests. The app relies on ajax calls to a third party site, selecting html from those pages and rendering it.

I'd like to sanitize data from the untrusted 3rd party source in the data returned by the ajax call by removing all javascript. Can regex take care of this for me?

Does anyone have any good references or plugins for this?

What else should I know?

Thanks!