The MU forums have moved to WordPress.org

Allowing javascripts in blogs (2 posts)

  1. Charbax
    Member
    Posted 16 years ago

    I've tried to search through this forum; it seems some people are suggesting editing the kses.php file to allow javascript, but they warn that it is a potential security issue.

    Does anyone know how to hack kses.php of WPMU to allow users to post javascripts inside of blog posts?

    I want to be able to post popup links, AJAX features and stuff like that inside of each blog post. I know it's a security risk to allow users to post javascripts, but I am trying to build a very controlled system where users are posting to their blogs through my xmlrpc mechanisms, so I can on my end make sure they don't add uncontrolled javascripts; I just would like to have my own popup links and AJAX features work inside of blog posts.

    This all works fine on normal WordPress installs; it seems to only be WPMU that is blocking javascripts such as

    javascript:LaunchPopup('url-of-popup.html')

    from working correctly.

  2. Charbax
    Member
    Posted 16 years ago

    OK we found it out, we commented this out of kses.php:

    function wp_kses_bad_protocol($string, $allowed_protocols)
    ###############################################################################
    # This function removes all non-allowed protocols from the beginning of
    # $string. It ignores whitespace and the case of the letters, and it does
    # understand HTML entities. It does its work in a while loop, so it won't be
    # fooled by a string like "javascript:javascript:alert(57)".
    ###############################################################################
    {
    /*$string = wp_kses_no_null($string);
    $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
    $string2 = $string.'a';

    while ($string != $string2) {
    $string2 = $string;
    $string = wp_kses_bad_protocol_once($string, $allowed_protocols);
    } # while
    */
    return $string;
    } # function wp_kses_bad_protocol
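
    What the commented-out loop was doing, as an added Python re-creation of the wp_kses_bad_protocol() logic described in the comment block (not WordPress's own PHP). The fixed allow-list, decoding entities with html.unescape() and dropping a rejected scheme up to and including its colon are assumptions; the sample inputs are constructed, and the first one is the thread's own popup link.

```python
import html
import re

# Added illustration of the kses protocol check, not WordPress code.
# Assumptions: a fixed allow-list (WPMU reads its own from configuration),
# entities decoded with html.unescape(), and a rejected scheme removed
# together with its colon, so "javascript:alert(1)" becomes "alert(1)".
ALLOWED_PROTOCOLS = ("http", "https", "ftp", "mailto")


def bad_protocol_once(value: str, allowed=ALLOWED_PROTOCOLS) -> str:
    """One pass: decode entities, split at the first ':' and drop the prefix
    when the scheme is not on the allow-list (case and whitespace ignored)."""
    decoded = html.unescape(value)          # &#58; -> ':', &#x6A; -> 'j', ...
    if ":" not in decoded:
        return decoded
    scheme, rest = decoded.split(":", 1)
    scheme = re.sub(r"\s+", "", scheme).lower()
    return decoded if scheme in allowed else rest


def strip_bad_protocol(value: str, allowed=ALLOWED_PROTOCOLS) -> str:
    """Repeat the single pass until nothing changes, as the PHP while loop
    does, so a nested "javascript:javascript:..." cannot survive one pass."""
    value = value.replace("\0", "")                 # wp_kses_no_null()
    value = re.sub("\xad+", "", value)              # the Opera soft-hyphen quirk
    previous = value + "a"                          # force at least one pass
    while value != previous:
        previous = value
        value = bad_protocol_once(value, allowed)
    return value


if __name__ == "__main__":
    # constructed samples: the thread's popup link, the nested case from the
    # kses comment, an entity-encoded colon, and two values that must survive
    for sample in ("javascript:LaunchPopup('url-of-popup.html')",
                   "javascript:javascript:alert(57)",
                   "JavaScript&#58;alert(1)",
                   "http://example.com/popup.html",
                   "url-of-popup.html"):
        print(f"{sample!r:48} -> {strip_bad_protocol(sample)!r}")
```

    With the loop commented out as in the post above, every one of these inputs passes through unchanged, including the entity-encoded and nested forms.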
