Removing XSS and other bugs from HTML

With this return to PHP come the searches, the reading, the experiments, the usual!

On one of these rounds I found a PHP library capable of removing all, or almost all, of the junk or malicious code (it's not that it's bad, it's just malicious!) from HTML; as a bonus, it also tries to make the HTML correct.

I'm referring to HTML Purifier:

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. Tired of using BBCode due to the current landscape of deficient or insecure HTML filters? Have a WYSIWYG editor but never been able to use it? Looking for high-quality, standards-compliant, open-source components for that application you're building? HTML Purifier is for you!
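
A short run of the library over typical untrusted markup, as an added example that is not part of the original post or of the HTML Purifier project. It assumes the library was installed with Composer (package ezyang/htmlpurifier); the function name, the allowlist and the sample inputs are constructed for illustration.

```php
<?php
// Added example. Assumes: composer require ezyang/htmlpurifier
require_once __DIR__ . '/vendor/autoload.php';

/** Build a purifier with a small allowlist suited to user comments (hypothetical helper). */
function buildCommentPurifier(): HTMLPurifier
{
    $config = HTMLPurifier_Config::createDefault();
    // Only these elements and attributes survive; everything else is dropped.
    $config->set('HTML.Allowed', 'p,br,strong,em,ul,ol,li,a[href]');
    // Links may only use these schemes, which excludes javascript: and data: URIs.
    $config->set('URI.AllowedSchemes', ['http' => true, 'https' => true, 'mailto' => true]);
    // Add rel="nofollow" to user-supplied links.
    $config->set('HTML.Nofollow', true);
    // Disable the on-disk definition cache so the demo needs no writable directory.
    $config->set('Cache.DefinitionImpl', null);
    return new HTMLPurifier($config);
}

// Constructed sample inputs: three common XSS carriers and one malformed fragment.
$samples = [
    'script element' => '<p>Hello</p><script>alert(1)</script>',
    'event handler'  => '<img src="x.png" onerror="alert(1)">',
    'javascript URI' => '<a href="javascript:alert(1)">click</a>',
    'unclosed tags'  => '<p><strong>bold <em>and italic',
];

$purifier = buildCommentPurifier();
foreach ($samples as $label => $dirty) {
    // purify() returns the filtered, well-formed HTML; the input is left untouched.
    $clean = $purifier->purify($dirty);
    printf("%s\n  in:  %s\n  out: %s\n", $label, $dirty, $clean);
}
```

The purified string is meant to be placed in an HTML body context; values going into attributes, JavaScript or SQL still need the escaping appropriate to that context.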
