Originally posted by Buntine
But if a mod opened all HTML files in Notepad (or similar) first, then the troublesome code wold not be executed, but spotted by a moderator who would not put it on the main forum. There would be a special moderators forum, which all posts with a HTML attatchment would go first. Only mods and administrators could then click a button either to let it go to the main forum or delete it. This way, any malicious code would be spotted, and deleted, before it appears on the main forum.
Anyway, ZIP files are allowed, which can contain any file type, including .html/htm's.