Hi Robert,
There are 2 options in the template wherever you can "allow xHTML".
a) allow xHTML and
b) allow UNSAFE xHTML.
Basically as long as you only use the first, and not the second, you will be ok. NetTalk uses a white-list system to allow specific html elements, while preventing everything else. JavaScript is specifically unsafe and so any unsafe code will be stripped from their submission.
cheers
Bruce