Hello guys,
What can happen when i disable htmlawed???
Regards,
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- iionly@iionly
iionly - 0 likes
- ru Ben Kenobi@paivarm
ru Ben Kenobi - 0 likes
- Paweł Sroka@srokap
Paweł Sroka - 0 likes
You must log in to post replies.http://docs.elgg.org/wiki/Filtering
ok iionly, thanks...
had read it, the question is, what kind of trouble can have a production site?
You could easily inject script stealing all user sessions. You don't want to disable htmlawed without good replacement.
You might want to adjust htmlawed configuration instead: https://github.com/Elgg/Elgg/blob/master/mod/htmlawed/start.php#L66