Article Page Default Filters
Search
- Version
- by (unknown)
- Version 2
- by (unknown)
Deletions or items before changed
Additions or items after changed
| 1 | - | + | = Why is some text filtered? =
|
|
|---|---|---|---|---|
| 2 | + | |||
| 3 | + | Web sites can be attacked by users entering in special HTML code. Filtering is a way to protect your web site.
|
||
| 4 | + | |||
| 5 | + | It is important to understand that filtering occurs at the time an article is saved, after it has been written or edited. Depending on your editor and filter settings, it is possible for a user to add HTML to an article during the edit session only to have that HTML removed from the article when it is saved. This can sometimes cause confusion or frustration. If you have filtering set up on your site, make sure your users understand what types of HTML are allowed.
|
||
| 6 | + | |||
| 7 | + | |||
| 8 | + | = Default Filters =
|
||
| 9 | + | |||
| 10 | + | The default 'Black List' contains the following tags to exclude:
|
||
| 11 | + | |||
| 12 | + | 'applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'
|
||
| 13 | + | |||
| 14 | + | The default 'Black List' contains the following attributes to exclude:
|
||
| 15 | + | |||
| 16 | + | 'action', 'background', 'codebase', 'dynsrc', 'lowsrc'
|
||
| 17 | + | |||
| 18 | + | |||
| 19 | + | Additional 'Black List' (disallow) tags and attributes can be added for special cases. A white list that only allows those attributes and tags listed may also be used in special well defined and well documented cases.
|
||
| 20 | + | |||
| 21 | + | Please note that these settings work regardless of the editor that you are using. Even if you are using a WYSIWYG editor, the filtering settings may strip additional tags and attributes prior to saving information in the database. |