HTML restriction

MediaWiki restricts the use of HTML by default. Only some HTML elements and attributes are allowed. Raw-HTML sections, surrounded by the "html" tag, can be enabled with the option $wgRawHtml. The code is available at includes/Sanitizer.php.

The Wikimedia Foundation's internal website allows full use of HTML. Their other websites (see Complete list of Wikimedia projects) do not. A request to allow full use of HTML was rejected.

There are several extensions that allow for safe use of raw HTML to some extent:
 * Extension:Secure HTML - adds 'Secret key' protection for html sections.
 * Extension:AddHTML - allows HTML on protected pages only
 * Extension:SecureHTML - allows HTML on protected pages only + namespace controls
 * Extension:HTMLets - allows pre-defined HTML snippets with $wgRawHtml=false
 * Extension:RawMsg - allows HTML as stored in MediaWiki namespace only