xss test
<script>The script tag should be escaped.</script>
<script type="text/javascript">The script tag should be escaped.</script>
<SCRiPT>The script tag should be escaped.</SCRiPT>
<h4>Regular HTML tags should be okay.</h4>
<h4 onclick="alert('test')">But onClick handlers should be disabled.</h4>
<h4 onClick="alert('test')">But onClick handlers should be disabled.</h4>