config:htmlok
This is an old revision of the document!
Configuration Setting: htmlok
Defines if embedding HTML using the <html>
tags is allowed. This may break the layout and XHTML compliance if wrong HTML is inserted.
This is a big security risk when used on a freely accessible site because it enables anyone to embed arbitrary JavaScript in your wiki pages. This can be used to steal cookie and gain unauthorized privileged access to your wiki, leading to possibly escalated privileges which may allow to take over your server, steal personal information etc. Unless you know exactly what you're doing you should never enable this option.
- Type: Boolean
- Default:
0
Security Warning: Changing this option could present a security risk.
See also
config/htmlok.1645011919.txt.gz · Last modified: 2022-02-16 12:45 by 46.249.65.21