-> Most of these can be supported trivially, since they are just semantic
-> markup. Make a list of these, and their attributes (and which attributes
-> can contain urls or other javascript injection mechanisms), and I can add
-> them. Others, like `embed`, and `canvas` are *scary*. --[[Joey]]
+> Many added now.
+>
+> Things I left out, too hard to understand today:
+> Attributes contenteditable,
+> data-\*, draggable, role, aria-\*.
+> Tags command, keygen, output.
+>
+> Clearly unsafe: embed.
+>
+> Apparently cannot be used w/o javascript: menu.
+>
+> I have not added the new `ping` attribute, because parsing a
+> space-separeated list of urls to avoid javascript injection is annoying,
+> and the attribute seems generally dubious.
+> --[[Joey]]