If you set "editor.contentFilter.allowIframe" value to false, insertion of <iframe> tag by the user is restricted and the tag is automatically removed.
{ 'editor.contentFilter.allowIframe': false } |
If you set "editor.contentFilter.allowEmbed" value to false, insertion of <embed> tag by the user is restricted and the tag is automatically removed.
{ 'editor.contentFilter.allowEmbed': false } |
If you set "editor.contentFilter.allowObject" value to false, insertion of <object> tag by the user is restricted and the tag is automatically removed.
{ 'editor.contentFilter.allowObject': false } |
RELEASE 2.3.0 OR ABOVE
If you set 'editor.contentFilter.allowLink' value to false, insertion of <link> tag by the user is restricted and the tag is automatically removed.
{ 'editor.contentFilter.allowLink': false } |
You cannot be held responsible for security issues arising from the use of the option. |
If you set "editor.contentFilter.allowIScript" value to false, insertion of <script> tag by the user is restricted and the tag is automatically removed.
{ 'editor.contentFilter.allowScript': false } |
If you set 'editor.contentFilter.allowEventAttribute' value to true, you can use event attributes (onclick, onload, onchange, ....) in HTML tags.
{ 'editor.contentFilter.allowEventAttribute': false } |