Comment 1 for bug 318794

David H. Brown (dave-davidhbrown) wrote :

Forgot to mention... the site I have running is using version 2.1.10; I also checked the code in 2.1.11. Version 3.0.0.a2 seems to be using a much smaller set of checks, possibly just disallowing the <script> tag? From edithtml.py, part of def ChangeHTML:

   code = re.sub(r'<([/]?script.*?)>', r'&lt;\1&gt;', code)

(2.1.11 has if Utils.suspiciousHTML(code):...)
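
Added example, not part of the comment above and not Mailman code: the substitution quoted from edithtml.py run over a few constructed inputs, next to a hypothetical allowlist audit built on Python's html.parser. The allowlist contents, the function names and the sample strings are assumptions made for this illustration; it does not reproduce Utils.suspiciousHTML.

```python
import re
from html.parser import HTMLParser

def escape_script_tags(code):
    """The substitution quoted in the comment (edithtml.py, ChangeHTML)."""
    return re.sub(r'<([/]?script.*?)>', r'&lt;\1&gt;', code)

# Hypothetical allowlist, chosen for this example only.
ALLOWED = {
    "p": {"align"}, "b": set(), "i": set(), "br": set(), "hr": set(),
    "a": {"href"}, "img": {"src", "alt"},
}
SAFE_SCHEMES = {"", "http", "https", "mailto"}

class _Audit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names before this call.
        if tag not in ALLOWED:
            self.findings.append(f"tag <{tag}>")
            return
        for name, value in attrs:
            if name not in ALLOWED[tag]:
                self.findings.append(f"attribute {name} on <{tag}>")
            elif name in ("href", "src"):
                value = (value or "").strip()
                scheme = value.split(":", 1)[0].lower() if ":" in value else ""
                if scheme not in SAFE_SCHEMES:
                    self.findings.append(f"scheme {scheme}: in {name} on <{tag}>")

def audit(code):
    """Return a list of everything in `code` that is outside the allowlist."""
    parser = _Audit()
    parser.feed(code)
    parser.close()
    return parser.findings

# Constructed sample inputs (not taken from the bug report).
SAMPLES = [
    '<p align="center"><a href="https://example.org/">list info</a></p>',
    '<script>alert(1)</script>',
    '<SCRIPT>alert(1)</SCRIPT>',
    '<img src="x.png" onerror="alert(1)">',
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(escape_script_tags(s)), audit(s))
```

The pattern is case-sensitive and only looks at the tag name, so the last two samples come back unchanged, while the allowlist audit reports both.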