XHTML sanitization
When comment content is submitted with contenttype=application/xhtml+xml
the content is sanitized for security and consistency so that it only contains the following elements or attributes. Named entities such as
are also converted to numerical entities or Unicode characters so the content can be processed easily as XML.
Block elements
- <p>
- <div>
- <h1>
- <h2>
- <h3>
- <h4>
- <h5>
- <h6>
- <ul>
- <ol start="" type="">
- <li value="">
- <blockquote>
- <dd>
- <dl>
- <dt>
- <hr>
- <pre class="">
- <table>
- <caption>
- <tbody>
- <td colspan="" rowspan="">
- <tfoot>
- <th colspan="" rowspan="">
- <thead>
- <tr>
Inline elements
- <b>
- <i>
- <s>
- <u>
- <sup>
- <sub>
- <ins>
- <del>
- <strong>
- <code>
- <small>
- <br>
- <span>
- <em>
- <a href="">
- <big>
- <strike>
- <tt>
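
The allowlist above, applied as an added example (not this service's own code): named entities are converted to numeric references, the content is parsed as XML, and only the listed elements and attributes are emitted. The function names are hypothetical, and three behaviours are assumptions the page does not state: disallowed elements are unwrapped so their text is kept, script and style are dropped with their content, and href is limited to http, https, mailto and relative URLs.

```python
import re
from html import escape
from html.entities import name2codepoint
from xml.etree import ElementTree as ET

# Allowlist copied from the lists on this page: element -> permitted attributes.
ALLOWED = {t: set() for t in (
    "p div h1 h2 h3 h4 h5 h6 ul blockquote dd dl dt hr table caption tbody "
    "tfoot thead tr b i s u sup sub ins del strong code small br span em "
    "big strike tt").split()}
ALLOWED.update({"ol": {"start", "type"}, "li": {"value"}, "pre": {"class"},
                "td": {"colspan", "rowspan"}, "th": {"colspan", "rowspan"},
                "a": {"href"}})
XML_ENTITIES = {"amp", "lt", "gt", "quot", "apos"}  # already defined by XML
VOID = {"br", "hr"}
# Assumptions, not stated on the page:
SAFE_SCHEMES = {"http", "https", "mailto"}  # schemes accepted in href
DROP_WITH_CONTENT = {"script", "style"}     # removed together with their text

def _to_numeric(match):
    name = match.group(1)
    if name in XML_ENTITIES:
        return match.group(0)
    if name in name2codepoint:
        return "&#%d;" % name2codepoint[name]
    return "&amp;" + name + ";"  # unknown name: keep it as literal text

def _href_ok(value):
    # Ignore whitespace/control characters before reading the scheme.
    compact = re.sub(r"[\x00-\x20]", "", value).lower()
    scheme = re.match(r"([a-z][a-z0-9+.-]*):", compact)
    return scheme is None or scheme.group(1) in SAFE_SCHEMES

def _render(el):
    if el.tag.lower() in DROP_WITH_CONTENT:
        return ""
    inner = escape(el.text or "", quote=False) + "".join(
        _render(c) + escape(c.tail or "", quote=False) for c in el)
    if el.tag not in ALLOWED:
        return inner  # unwrap: the tag goes, its escaped text stays
    attrs = "".join(' %s="%s"' % (k, escape(v)) for k, v in el.attrib.items()
                    if k in ALLOWED[el.tag] and (k != "href" or _href_ok(v)))
    if el.tag in VOID and not inner:
        return "<%s%s />" % (el.tag, attrs)
    return "<%s%s>%s</%s>" % (el.tag, attrs, inner, el.tag)

def sanitize(content):
    """Return sanitized markup; raises ET.ParseError if not well-formed XML."""
    content = re.sub(r"&([A-Za-z][A-Za-z0-9]*);", _to_numeric, content)
    # Wrapping in a root element also makes any DOCTYPE a parse error.
    return _render(ET.fromstring("<root>" + content + "</root>"))
```

Because the output is rebuilt from the parsed tree rather than by deleting patterns from the input string, anything not on the allowlist cannot survive through malformed or nested markup.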