I had the same question a few days ago, but after studying the policy file for a while, I was able to figure it out and it's pretty slick. -------------- next part -------------- An HTML attachment was scrubbed... URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20090403/4d9d5fe5/attachment.html