Semi Safe HTML Tags

Leeland's picture

The question is always what can be considered safe when dealing with user input. (In truth, very little.) However, setting that truism aside, sites can use HTML correction modules to correct input and then escape any oddness. After the initial scrubbing, the question is what should be allowed through to help display the content as the author wishes. That list is kind of hard to find. Here is my basic list.

Block-level tags
  ADDRESS: Information about the author (such as contact info)
  BLOCKQUOTE: Extended quotation
  H1 - H6: Headings (most to least important)
  HR: Horizontal rule (no closing tag)
  P: Paragraph
  PRE: Pre-formatted text
  NOWIKI: Not really an HTML tag but generally used to indicate to wiki engines or output filters blocks to leave alone

Lists

List Elements
  OL: Ordered (i.e., numbered) list
  UL: Unordered (i.e., not numbered) list
  LI: List item (for ordered or unordered lists)

Definition List Elements
  DL: Definition (i.e., key + definition) list
  LH: List Section Header
  DT: Term
  DD: Definition of term

Table elements
  TABLE: Table. Optional attributes: BORDER, CELLPADDING, CELLSPACING
  CAPTION: Caption for table
  TR: Table row
  TH: Table header cell
  TD: Table data cell. Use the COLSPAN or ROWSPAN attributes to make a table cell span multiple columns or rows.

Inline tags
  A: Anchor. Requires either the HREF attribute (to create a link), or the NAME attribute (to create a target), or both.
  CITE: Citation
  CODE: Text representing code (mono-space)
  EM, I: Emphasis / italics text
  STRONG, B: Bold / strong text
  BIG: Bigger text
  SMALL: Smaller text
  IMG: Image (empty content -- no closing tag). Requires the SRC attribute (to specify source file) and the ALT attribute (for alternate text).
  BR: Line break (empty content -- no closing tag)
  SUB: Subscript
  SUP: Superscript

Which makes the above list look like this for Drupal:

<a> <address> <em> <strong> <b> <i> <big> <small> <sub> <sup> <cite> <code> <img> <ul> <ol> <li> <dl> <lh> <dt> <dd> <br> <p> <table> <th> <td> <tr> <pre> <blockquote> <nowiki> <h1> <h2> <h3> <h4> <h5> <h6> <hr>
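
A tag list like the one above names elements only, while tags such as A and IMG also carry attributes and URLs that need the same treatment. The following Python example is added here for illustration (it is not Drupal's filter code and not from the original post): it applies the tag list together with an attribute allowlist built from the attributes named in the descriptions above. The scheme list and the names `url_is_safe`, `AllowlistFilter` and `filter_html` are assumptions.

```python
from html import escape
from html.parser import HTMLParser

# Tag list copied from the page's Drupal line.
ALLOWED_TAGS = set(
    "a address em strong b i big small sub sup cite code img ul ol li dl lh dt dd "
    "br p table th td tr pre blockquote nowiki h1 h2 h3 h4 h5 h6 hr".split()
)
# Assumption: permit only the attributes the page names for each tag.
ALLOWED_ATTRS = {
    "a": {"href", "name"}, "img": {"src", "alt"},
    "table": {"border", "cellpadding", "cellspacing"}, "td": {"colspan", "rowspan"},
}
SAFE_SCHEMES = {"http", "https", "mailto"}  # assumption: adjust per site

def url_is_safe(value):
    # Browsers ignore whitespace/control characters in a scheme, so drop them first.
    head, colon, _ = "".join(ch for ch in value if ch > " ").partition(":")
    if not colon or any(ch in head for ch in "/?#"):
        return True  # no scheme: relative URL or fragment
    return head.lower() in SAFE_SCHEMES

class AllowlistFilter(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # tag dropped; text inside it is still escaped by handle_data
        kept = ""
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, ()):
                continue  # drops onclick, style and every other unlisted attribute
            if name in ("href", "src") and not url_is_safe(value or ""):
                continue  # drops javascript:, data: and similar URLs
            kept += f' {name}="{escape(value or "", quote=True)}"'
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in ("br", "hr", "img"):
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def filter_html(markup):
    parser = AllowlistFilter()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)
```
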
