This module accepts an input HTML and/or CSS string and removes any
executable code including scripting, embedded objects, applets, etc., and
neutralizes any XSS attacks. A white-list based approach is used which means
only HTML known to be safe is allowed through.