wikijs-fork/server/modules/rendering/html-security/definition.yml

29 lines
834 B
YAML

key: htmlSecurity
title: Security
description: Filter and strips potentially dangerous content
author: requarks.io
icon: mdi-fire
enabledDefault: true
dependsOn: htmlCore
step: post
order: 99999
props:
safeHTML:
type: Boolean
title: Sanitize HTML
default: true
hint: Sanitize HTML from unsafe attributes and tags that could lead to XSS attacks
order: 1
allowDrawIoUnsafe:
type: Boolean
title: Allow Draw.io Unsafe Elements
default: true
hint: Draw.io diagrams may introduce some elements that are usually filtered. Turning off this option may cause some diagrams to be completely removed during the sanitization process.
order: 2
allowIFrames:
type: Boolean
title: Allow iframes
default: false
hint: iframes will not be stripped if enabled. (Not recommended)
order: 3