Characters / Examples of data | Status |
---|
Special characters from range 0h – 1Fh | Will be removed, except for: t", " n", " r", |
< {any}
| Will stay unchanged |
< 5
<5
| Will stay unchanged |
<{letter}
| Will be taken as considered a tag and will be removed or closed (and a closing tag will be added) For example: <b will be <b></b>
<x will be removed
|
<!
| Will be removed, as this is considered a start of <!-- which can be used for an XSS attack. |
</
| Will be taken as considered a closing tag. |
HTML | Supported HTML tags and attributes are listed here. Supported tags can be formatted/normalized, i.e. tag definition changed to lowercase, spaces removed/added, or the end of a tag changed from <hr> to <hr /> etc. If a closing tag in paired tags is missing, it will be added. Paired tags which are not defined logically will be removed, e.g. <pre></pre> as these have no effect. (Paired tags must surround the text you want format.) Tags which are not defined logically (internally) will be removed, e.g. <input> , <span> , <img> – these do not make sense. In special cases, the tag <li> will be supplemented by a parent tag to <ul><li></li></ul> .
|