XSS - Which HTML Tags and Attributes can trigger Javascript Events?

Question

I\'m trying to code a secure and lightweight white-list based HTML purifier which will use DOMDocument. In order to avoid unnecessary complexity I am willing to make the fol

Answer 1

Don't forget the HTML5 JavaScript event handlers

http://www.w3schools.com/html5/html5_ref_eventattributes.asp