DokuWiki

It's better when it's simple

User Tools

Site Tools


config:htmlok

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Both sides next revision
config:htmlok [2009-08-04 23:21]
ach
config:htmlok [2020-07-28 18:37] (current)
andi [Configuration Setting: htmlok]
Line 3: Line 3:
 Defines if embedding HTML using the ''%%<html>%%'' tags is allowed. This may break the layout and XHTML compliance if wrong HTML is inserted. Defines if embedding HTML using the ''%%<html>%%'' tags is allowed. This may break the layout and XHTML compliance if wrong HTML is inserted.
  
-:!: This is a security risk when used on a freely accessible site because it enables Cross Site Scripting attacks!+:!: This is a big security risk when used on a freely accessible site because it enables anyone to embed arbitrary JavaScript in your wiki pages. This can be used to steal cookie and gain unauthorized privileged access to your wiki, leading to possibly escalated privileges which may allow to take over your server, steal personal information etc. Unless you know exactly what you're doing you should **never enable this option**.
  
   * Type: Boolean   * Type: Boolean
Line 13: Line 13:
  
   * [[:config:|Configuring DokuWiki]]   * [[:config:|Configuring DokuWiki]]
- +  * [[faq:html|FAQ: HTML does not work]]
config/htmlok.1249420913.txt.gz · Last modified: 2009-08-04 23:21 by ach