diff --git a/content.py b/content.py
index ea41a40ff..424fccd3b 100644
--- a/content.py
+++ b/content.py
@@ -166,7 +166,7 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
invalidPartials = ('127.0.', '192.168', '10.0.')
invalidStrings = ('script', 'canvas', 'style', 'abbr', 'frame', 'iframe', 'html', 'body',
- 'hr')
+ 'hr', 'allow-popups', 'allow-scripts')
for markup in contentSections:
if '>' not in markup:
continue
@@ -358,7 +358,7 @@ def addWebLinks(content: str) -> str:
if w.endswith('.') or w.endswith(';'):
w = w[:-1]
markup = '' + '" rel="nofollow noopener noreferrer" target="_blank">'
for prefix in prefixes:
if w.startswith(prefix):
markup += ''
diff --git a/daemon.py b/daemon.py
index 10e368d97..0003d6fc7 100644
--- a/daemon.py
+++ b/daemon.py
@@ -995,7 +995,8 @@ class PubServer(BaseHTTPRequestHandler):
self.server.proxyType, version, self.server.debug, self.server.YTReplacementDomain,
- self.server.showPublishedDateOnly)
+ self.server.showPublishedDateOnly,
+ self.server.allowLocalNetworkAccess)
def _postToOutboxThread(self, messageJson: {}) -> bool:
"""Creates a thread to send a post
diff --git a/newsdaemon.py b/newsdaemon.py
index 1e1a3068b..74ee33820 100644
--- a/newsdaemon.py
+++ b/newsdaemon.py
@@ -355,18 +355,6 @@ def newswireHashtagProcessing(session, baseDir: str, postJsonObject: {},
# Block this item
if actionStr.startswith('block') or actionStr.startswith('drop'):
return False
-
- # TODO
- # If routing to another instance
- # sendSignedJson(postJsonObject: {}, session, baseDir: str,
- # nickname: str, domain: str, port: int,
- # toNickname: str, toDomain: str, toPort: int, cc: str,
- # httpPrefix: str, False, False,
- # federationList: [],
- # sendThreads: [], postLog: [], cachedWebfingers: {},
- # personCache: {}, False, __version__) -> int:
- # if actionOccurred:
- # return True
return True
diff --git a/outbox.py b/outbox.py
index 93d5c5cb9..141745bb1 100644
--- a/outbox.py
+++ b/outbox.py
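Review bot: The new 'allow-scripts' entry in invalidStrings looks redundant if, as entries such as 'script' and 'frame' suggest, the loop below tests each entry by substring containment: 'allow-scripts' contains 'script' and would already be rejected, so only 'allow-popups' adds coverage. If the intent is to reject iframe sandbox tokens specifically, a comment would save the next maintainer the guess, e.g. `# iframe sandbox tokens that relax the sandbox`, and it is worth confirming that the comparison is case-insensitive, since these attribute tokens are matched ASCII-case-insensitively by browsers. The loop that consumes invalidStrings continues outside the hunk, so the exact comparison is not visible here.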
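Review bot: postMessageToOutbox now takes allowLocalNetworkAccess as a required positional argument and this hunk updates only the call inside PubServer; any other caller (none is shown in the diff, but the adjacent `_postToOutboxThread` suggests posts are also dispatched from a thread path) will raise TypeError until it passes the flag too. It is also not visible in this diff that `self.server.allowLocalNetworkAccess` is assigned when the server is constructed; if it is not, this line fails with AttributeError on the first outbox post. Giving the parameter a fail-closed default in outbox.py, `allowLocalNetworkAccess: bool = False`, would keep a missed caller working while still rejecting local-network markup. The enclosing method begins outside the hunk.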
@@ -35,6 +35,7 @@ from bookmarks import outboxUndoBookmark
from delete import outboxDelete
from shares import outboxShareUpload
from shares import outboxUndoShareUpload
+from content import dangerousMarkup
def postMessageToOutbox(messageJson: {}, postToNickname: str,
@@ -47,7 +48,8 @@ def postMessageToOutbox(messageJson: {}, postToNickname: str,
personCache: {}, allowDeletion: bool, proxyType: str, version: str, debug: bool, YTReplacementDomain: str,
- showPublishedDateOnly: bool) -> bool:
+ showPublishedDateOnly: bool,
+ allowLocalNetworkAccess: bool) -> bool:
"""post is received by the outbox
Client to server message post
https://www.w3.org/TR/activitypub/#client-to-server-outbox-delivery
@@ -66,6 +68,18 @@ def postMessageToOutbox(messageJson: {}, postToNickname: str,
postToNickname, domain, port, messageJson)
+
+ # check that the outgoing post doesn't contain any markup
+ # which can be used to implement exploits
+ if messageJson.get('object'):
+ if isinstance(messageJson['object'], dict):
+ if messageJson['object'].get('content'):
+ if dangerousMarkup(messageJson['object']['content'],
+ allowLocalNetworkAccess):
+ print('POST to outbox contains dangerous markup: ' +
+ str(messageJson))
+ return False
+
if messageJson['type'] == 'Create':
if not (messageJson.get('id') and messageJson.get('type') and
diff --git a/utils.py b/utils.py
index 54b1a8649..b02b71936 100644
--- a/utils.py
+++ b/utils.py
@@ -149,6 +149,8 @@ def setHashtagCategory(baseDir: str, hashtag: str, category: str,
if not os.path.isfile(hashtagFilename):
return False
+ if not os.path.isdir(baseDir + '/tags'):
+ os.mkdir(baseDir + '/tags')
categoryFilename = baseDir + '/tags/' + hashtag + '.category'
if force:
# don't overwrite any existing categories
diff --git a/webapp_column_left.py b/webapp_column_left.py
index 8d91101da..5d3d8b0d3 100644
--- a/webapp_column_left.py
+++ b/webapp_column_left.py
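Review bot: The docstring of postMessageToOutbox is not updated for the new allowLocalNetworkAccess parameter, and the visible part of it lists no parameters at all, so a reader of the signature has to find dangerousMarkup to learn what the flag changes. A one-line addition to the docstring would do, e.g. `allowLocalNetworkAccess: passed to dangerousMarkup; when False, markup referencing local network addresses is rejected` (the second half is inferred from the parameter's name in content.py and should be confirmed). The rest of the docstring and the function body lie outside this hunk.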
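Review bot: The rejection path logs the whole message with `print('POST to outbox contains dangerous markup: ' + str(messageJson))`, which writes the entire client-supplied post, including the markup that was just rejected, into the server log; logging an identifier instead, e.g. `print('POST to outbox contains dangerous markup: ' + str(messageJson.get('id')))`, keeps the log readable and avoids persisting attacker-controlled HTML in it. The check also inspects only object.content; if posts in this codebase can carry HTML in other fields such as summary or contentMap (not visible here), they bypass the check, which is worth confirming against what dangerousMarkup is meant to cover. The four nested ifs read more easily as one guard: `obj = messageJson.get('object')` followed by `if isinstance(obj, dict) and obj.get('content') and dangerousMarkup(obj['content'], allowLocalNetworkAccess):`. postMessageToOutbox continues outside the hunk.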
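Review bot: `os.mkdir(baseDir + '/tags')` guarded by an `os.path.isdir` check is a check-then-act race: if a concurrent request creates the directory between the two calls, mkdir raises FileExistsError and the category is never written. `os.makedirs(baseDir + '/tags', exist_ok=True)` on one line replaces both added lines without the race. Separately, if hashtagFilename (defined outside the hunk) lives under baseDir/tags, the isfile check just above already implies the directory exists and the new lines are unreachable, which is worth confirming. The body of setHashtagCategory continues outside the hunk.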
@@ -216,7 +216,8 @@ def getLeftColumnContent(baseDir: str, nickname: str, domainFull: str, # add link to the returned html htmlStr += \ '

' + \ + '" target="_blank" ' + \ + 'rel="nofollow noopener noreferrer">' + \ lineStr + '

\n' linksFileContainsEntries = True else: diff --git a/webapp_column_right.py b/webapp_column_right.py index 589184817..6bc29bdda 100644 --- a/webapp_column_right.py +++ b/webapp_column_right.py @@ -243,7 +243,7 @@ def htmlNewswire(baseDir: str, newswire: {}, nickname: str, moderator: bool, title = removeLongWords(item[0], 16, []).replace('\n', '
') htmlStr += '

' + \ '' + \ + 'rel="nofollow noopener noreferrer">' + \ '' + title + \ '' + totalVotesStr if moderator: @@ -271,7 +271,7 @@ def htmlNewswire(baseDir: str, newswire: {}, nickname: str, moderator: bool, if moderator and moderatedItem: htmlStr += '

' + \ '' + \ + 'rel="nofollow noopener noreferrer">' + \ title + '' + totalVotesStr htmlStr += ' ' + dateShown htmlStr += '' + \ '' + \ + 'rel="nofollow noopener noreferrer">' + \ title + '' + \ totalVotesStr htmlStr += ' '