diff --git a/app/services/wysiwyg_sanitizer.rb b/app/services/wysiwyg_sanitizer.rb
new file mode 100644
index 000000000..e45c7448f
--- /dev/null
+++ b/app/services/wysiwyg_sanitizer.rb
@@ -0,0 +1,10 @@
+class WYSIWYGSanitizer
+
+ ALLOWED_TAGS = %w(p ul ol li strong em u s)
+ ALLOWED_ATTRIBUTES = []
+
+ def sanitize(html)
+ ActionController::Base.helpers.sanitize(html, tags: ALLOWED_TAGS, attributes: ALLOWED_ATTRIBUTES)
+ end
+
+end
diff --git a/spec/services/wysiwyg_sanitizer_spec.rb b/spec/services/wysiwyg_sanitizer_spec.rb
new file mode 100644
index 000000000..17236aa03
--- /dev/null
+++ b/spec/services/wysiwyg_sanitizer_spec.rb
@@ -0,0 +1,24 @@
+require 'rails_helper'
+
+describe WYSIWYGSanitizer do
+
+ subject { described_class.new }
+
+ describe '#sanitize' do
+
+ it 'returns an html_safe string' do
+ expect(subject.sanitize('hello')).to be_html_safe
+ end
+
+ it 'allows basic html formatting' do
+ html = '
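Review bot: `ALLOWED_TAGS` and `ALLOWED_ATTRIBUTES` are mutable array constants, so any code (or a spec) that appends to them widens the sanitizer's policy for the whole process; freeze them: `ALLOWED_TAGS = %w[p ul ol li strong em u s].freeze` and `ALLOWED_ATTRIBUTES = [].freeze`. The class also carries no comment stating its contract; I would add one above `class WYSIWYGSanitizer` saying that `#sanitize` returns an `html_safe` string in which only the listed tags survive, every attribute is removed, and the text content of a disallowed element is kept rather than dropped (the spec in this commit asserts exactly that for its "dangerous" fixture), so the output is safe to render but not a faithful copy of the input. Whether `sanitize(nil)` yields `nil` or raises depends on the Rails version's `sanitize` helper, which is not visible here; an explicit `return html if html.nil?` guard or a spec pinning the nil case would settle it.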

This is a paragraph

'
+ expect(subject.sanitize(html)).to eq(html)
+ end
+
+ it 'filters out dangerous tags' do
+ html = '

This is

'
+ expect(subject.sanitize(html)).to eq('

This is alert("dangerous");

')
+ end
+ end
+
+end
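Review bot: The spec pins tag stripping only; nothing asserts that `ALLOWED_ATTRIBUTES = []` actually removes attributes from an allowed tag, which is the half of the policy most likely to regress if someone later adds `a` or `img` to the allow-list. Add a case such as `it 'strips all attributes' do expect(subject.sanitize('<p class="x">hi</p>')).to eq('<p>hi</p>') end` (constructed fixture), plus one for `nil` input so the helper's nil behaviour is pinned to what callers expect. The fixture markup inside 'allows basic html formatting' and 'filters out dangerous tags' is not fully legible on this page, so the exact expected strings cannot be confirmed from here.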