Notifications
Q&A

Welcome to Codidact Meta!

Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.

What html tags can we use in posts?

+3
−0

So, I finally got around to looking at the second Review Panel draft, and was surprised by the ability to make collapsible sections in posts. From the comments, I wasn't the only one.

Whoa, whoa, whoa, slow down, you can make collapsable sections? Tell me that if posts support any form of HTML coding, that at least CSS and JS are screened so that users can't just arbitrarily execute code on the browser page. — DonielF

@DonielF Yes via <details> for everything and within that <summary> for the title. And no, not everything goes. There is a whitelist. :D — luap42

This is really just me satisfying my own curiosity, but what specifically is allowed on the site? I mean, obviously not script tags or any other security breaking tags, but what about other feature tags like <details>?

Why should this post be closed?

0 comments

2 answers

+5
−0

For obvious reasons, we do not allow you to use any tag or attribute you want. All tags, that aren't on a special inclusion list are stripped from the input.

There are two lists, one for posts and one for comments.

Posts (Question, Answer, Article, IIRC user profiles; so generally everything longer) can contain as tags:

  • a
  • p
  • b
  • i
  • em
  • strong
  • hr
  • h1, h2, h3, h4, h5, h6
  • blockquote
  • img
  • strike
  • del, ins
  • code
  • pre
  • br
  • ul, ol, li
  • sup, sub
  • section
  • details, summary

These tags can furthermore use the following attributes:

  • id
  • class
  • href
  • title
  • src
  • height
  • width
  • alt

Comments (and possibly some other shorter text types) may contain:

  • a
  • b
  • i
  • em
  • strong
  • strike
  • del
  • code

These tags can use the attributes

  • href
  • title

This is the current list of available tags. It might, though, change in the future. For example <details> and <summary> were only added recently.

The source code with the most recent list can be found here for:

4 comments

Thanks, this is exactly what I wanted ‭Moshi‭ 2 months ago

Also the <span> and <style>. ‭Dani‭ 2 months ago

@Dani shouldn't be supported. Take a look at my user profile. I added a <span> around "deploys" and added a <style> tag that should give every element an outline. Both are scrubbed from the HTML, as you can see from the html inspector / the no effect. ‭luap42 is a ghost 👻 ‭ 2 months ago

@luap42 When asking a question, the preview shows the styled text (but I didn't post with any with it, so I don't know if it goes away). ‭Dani‭ 2 months ago

+1
−0

I have tried to document all markups allowed in posts in a help page for the EE site. Let me know if you find anything not described there.

1 comment

Well, for one, it doesn't have the <details> and <summary> tags listed there. ‭Moshi‭ 2 months ago

Sign up to answer this question »