HTML TAG
If you set "editor.contentFilter.allowIframe" value to false, insertion of <iframe> tag by the user is restricted and the tag is automatically removed.
| Code Block |
|---|
| language | js |
|---|
| theme | Emacs |
|---|
| title | synapeditor.config.js |
|---|
|
{
'editor.contentFilter.allowIframe': false
} |
| Status |
|---|
| colour | Yellow |
|---|
| title | RELEASE 2.7.0 OR ABOVE |
|---|
|
If If you set "editor.contentFilter.allowEmbed" value to false, insertion of <embed> tag by the user is restricted and the tag is automatically removed.
| Code Block |
|---|
| language | js |
|---|
| theme | Emacs |
|---|
| title | synapeditor.config.js |
|---|
|
{
'editor.contentFilter.allowEmbed': false
} |
| Status |
|---|
| colour | Yellow |
|---|
| title | RELEASE 2.7.0 OR ABOVE |
|---|
|
If If you set "editor.contentFilter.allowObject" value to false, insertion of <object> tag by the user is restricted and the tag is automatically removed.
...
HTML SCRIPT & EVENT ATTRIBUTES
| Warning |
|---|
|
You cannot be held responsible for security issues arising from the use of the option.This option may be vulnerable to XSS (Cross-Site Scripting) attacks, which can lead to the exposure of personal information, session hijacking, or execution of malicious code. Please be cautious of security when using this option. |
If you set "editor.contentFilter.allowIScript" value to false, insertion of <script> tag by the user is restricted and the tag is automatically removed.
...