It’s just data

Taking RSS security seriously

It is nice to see that Aggie RC5 proactively strips all script, object and meta tags from text before displaying it.

The RSS validator has always flagged script, meta, embed, and object tags. But the real fixes need to be in the aggregators. Kudos to Aggie.