New : Protect your HTML

Go down

New :  Protect your HTML Empty New : Protect your HTML

Post by The Godfather on May 18th 2020, 10:28 am

Dear users,

To further enhance the security of your forums, we’ve made a change to protect HTML in posts when it’s allowed on the forum.

What are the changes?


With this update, when HTML is enabled, only certain HTML tags (related to "classic" use), which we call protected HTML, are allowed in posts. The others (and in particular those which can break the display of the pages of the forum or are dangerous for it) are deleted when the message is saved. In this case, it is unprotected HTML which presents a potential risk for the security of the forum, and the use of it will be limited by default.

Here is a list of accepted tags (considered as protected HTML):

Code:
a, abbr, acronym, address, b, basefont, bdo, big, blockquote, br, center, cite, code, del, dfn, dir, div, dl, em, font, h1, h2, h3, h4, h5, h6, hr, i, iframe, img, ins, kbd, menu, ol, p, pre, q, s, samp, small, span, strike, strong, sub, sup, table, tt, u, ul, var, caption, col, colgroup, dd, li, table, tbody, td, tfoot, th, thead, tr.

These tags are allowed in posts by default (if HTML is enabled on the forum), without additional settings in your PA. This list is by no means exhaustive and may change.


How to manage this security?


This operation is configurable via the PA.

To the option that you already know and which allows or not to authorize the use of HTML in messages (1), is added a new option (2) which allows to give access to unprotected html to these groups :

Administrators
Administrators and moderators
All members

New :  Protect your HTML Allow_11

By default if HTML is allowed, only administrators can add unprotected HTML.


When HTML is authorized but protected for the member who writes his message, an indication in the editor on the right: "Use of HTML is limited"

New :  Protect your HTML Use_ht10


This update in no way modifies the HTML content posted on your forum before the implementation of the new security. All HTML code posted by your members before the new setting will work without any changes.


Hoping that this update will allow you to better control the security of your forums,

See you very soon on Forumotion for other news,

The Forumotion team  king
The Godfather
The Godfather
Administrator
Administrator

Posts : 3732
Reputation : 675

View user profile

Van-Helsing, trajce and Beyonder like this post

Back to top Go down

Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum