23 Oct
2006
23 Oct
'06
7:13 p.m.
I believe filter.module does that for security reasons.
The reason why filter.module removes style tags is simple: some dumb browsers allow JavaScript inside stylesheets, for example "font- size:expression(prompt('Enter a font name:', 'Arial'));". Using that you could execute potentially harmful JavaScript code that allows for XSS. Konstantin Käfer – http://kkaefer.com/