Coding Standards
This article outlines the specific HTML and CSS you can safely use when creating Tyles on our website.
For security, performance, and accessibility reasons, all submitted or stored content passes through a series of sanitization filters before it can be served.
In some cases, suspicious code may be automatically stripped or deleted at any time and without notice. This ensures no one can inject harmful or insecure code into any website.
Allowed HTML Elements
The following tags are considered safe and supported. You can use them to format text, structure content, and embed images.
| Text & Structure |
| <p>, <div>, <section>, <span>, <strong>, <em>, <h1>, <h2>, <h3>, <h4> |
| Lists |
| <ul>, <ol>, <li> |
| Media & Code Snippets | Notes |
| <img>, <figure>, <figcaption>, <pre>, <code> | We do not allow <video>, <source> |
| Links & Buttons | Notes |
| <a>, <button> | Whilst we allow <button> elements, we recommend using <a class=”button”> which is more flexible. |
| Styles | Notes |
| <style> | Whilst we allow <style> elements and inline styles, they are automatically sanitized. We recommend keeping those styles as minimal and simple as possible to pass our security checks. |
| Allowed CSS properties color, background, background-color, font, font-size, font-weight, font-style, text-align, text-decoration, margin, margin-top, margin-bottom, margin-left, margin-right, padding, padding-top, padding-bottom, padding-left, padding-right, border, border-color, border-width, border-radius, border-style, display, vertical-align, white-space, line-height | We do not allow CSS that can hide, overlay, or execute. For example: position, z-index, opacity, clip, clip-path, transition, animation, filter, expression |
Disallowed HTML Elements
Certain tags are completely removed to prevent code injection, tracking, or unwanted external scripts.
<script>, <iframe>, <embed>, <object>, <form>, <input>, <textarea>, <select>, <option>, <svg>, <math>, <link>, <meta>
Disallowed Attributes
Event handlers and potentially unsafe attributes are stripped automatically:
onclick, onerror, onload, onmouseover, onfocus, onsubmit, onchange, oninput, onkeydown, onkeyup, onscroll, onwheel, srcset
