Why is HTML Sanitation enabled as default?


Can anyone offer an explaination as to why HTML sanitation is enabled as default & what are the key dangers associated with it? Is it all or nothing with this setting or can you include certain additional HTML functions beyond the sanitized options?

I plan to ask our system admin to remove this restriction from our system but not if its going to result in security/performace issues. Before i do so i'd like to understand this function setting more myself so any help would be appreciated.



(1) Answer