WordPress.com is a type of shared environment, where all users are running off of the same software. This is great because it allows us at Automattic to update millions of blogs at the same time with a single click. It means we can fix bugs or offer new features very quickly, which is a win for you as users. Having all users running on the same software can also be dangerous. If we aren’t careful, one user has the potential to take down the entire site. So this is why we need to limit some of the things you post on your blog.
If you wrote some code or pasted it in from another web site and then it disappeared after publishing the post, the code is likely being stripped out. If you feel it’s being stripped out improperly or if you would like to suggest additional types of code we should allow, please contact support.
WordPress.com allows the following HTML code in your posts, pages, and widgets:
address, a, abbr, acronym, area, article, aside, b, big, blockquote, br, caption, cite, class, code, col, del, details, dd, div, dl, dt, em, figure, figcaption, footer, font, h1, h2, h3, h4, h5, h6, header, hgroup, hr, i, img, ins, kbd, li, map, ol, p, pre, q, s, section, small, span, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var
Check out W3 Schools for more information about what each of these HTML codes are used for.
If you are familiar with HTML, you’ll notice that codes such as
embed, frame, iframe, form, input, object, textarea and others are missing from the above list. Those codes are not allowed on WordPress.com for security reasons.
Flash and Other Embeds
Flash and all other embeds are not allowed in WordPress.com posts, pages, or text widgets. For security reasons, we remove the tags needed for these to work. Your intentions may be innocent, but someone somewhere might try to use such embeds to damage the site, affecting all of our users.
Posting Source Code
See our Posting Source Code article for details on how to easily post source code on your blog.