Hello all,<br><br>I've recently been going through the question of weather it's useful to preserve the html tags that are part of aggregated content. So rather than dive into this on my own I wanted to see the consensus on this issue from others who probably have more experience in this than I do.
<br><br>If the <content> or <summary> tags in an ATOM feed have an <img> tag I was always pleased to find the image showing up inline in my aggregated content, but what about formatting tags? Allowing arbitrary code could be a herald for XSS attacks as was noted in the a previous thread.
<br><br>Question: Should all tags in aggregated content be stripped? If not, then what tags should be allowed? If I use filter_xss then what tags should I allow? Is there some specification or article on what HTML tags should be allowed to go through? How do aggregation module authors handle this or advise that it be handled?
<br><br>I really appreciate all feedback on this issue. Thanks :)<br>