I can't seem to find any standard or specs on what HTML tags are allowed in the title or content of RSS feed or ATOM feed items. I was wondering if <form> tags are allowed (as in emails) and whether it can open some CORS/CSRF vulnerabilities.
@nilesh If memory serves, the description of an RSS item can have any HTML so long as it's content-encoded. CORS I would think would be an issue if there were forms since a number of readers cache content so you wouldn't be able to use a CSRF token.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.