Which #HTML elements imply automatically fetching remote data? ('img', 'audio', 'video' are the ones I come up with). And anything already thought to be unsafe by htmLawed is taken handled: http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm#s3.6 (weird style attributes, tags like: embed, script, object....)