@RAOF@dev.glitch.social OK. This is what OWASP do: see https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#RULE_.236_-_Sanitize_HTML_Markup_with_a_Library_Designed_for_the_Job for details.
www.owasp.orgXSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP
@RAOF@dev.glitch.social I still think that there's no one common subset that'd satisfy everyone, though :)