As I try to come up with such a thing, it strikes my mind that someone might have done it before?
I think of a Text Area in a web form - the user should be able to write as freely as possible without posing a security threat!
Example (php style):
-This would be a bit to hard on the user, as it'd only allow letters, numbers, whitespace and _ !
-Line breaks should also be allowed