HTML attribute sanitizer rules

From VYRE

Jump to: navigation, search

HTML attribute sanitizer rules is a sanity check/security feature that was introduced in Unify 4.6.3.1.

HTML attribute sanitizer rules allows site admins to configure pre-defined HTML elements sets which should be allowed in the relevant attribute types. This will prevent from frontend users entering malicious content. The system supports either blacklisting (allow everything, deny listed tags) or whitelisting (deny everything, allow listed tags). Same applies for elements attributes. The disallowed tags/attributes should be escaped where possible, or removed (where not).

Personal tools