Can anyone point me in the right direction. If possible disable for X role or disable altogether for profiles.
We build. You grow.
Get best community software hereStart a social network, a fan-site, an education project with oxwall - free opensource community software
Custom HTML | Forum
Leader Keelan
Oct 21 '11
With the custom HTML what are the restrictions on this, i'm scared someone could include a iframe with a remote js file and ruin someones life either mine or a user who visits their profile.
The Forum post is edited by Keelan Oct 21 '11
Team Den
Oct 24 '11
Hi
There are a strong restrictions for user's content. All Javascript code and iframes are cut by script for all content which user can post on frontend, except admin. Admin can post any type of content in admin panel :)
Leader Keelan
Oct 24 '11
But i logged in as a standard user and added to my profile an iframe with a local url didn't try external.
Team Den
Oct 25 '11
In some features, iframes can be stripped or filtered. Custom HTML code is filtered by list of allowed resources. This list can be founded in Admin Panel->User Settings->Content Input->Allowed video resources list
This setting is named not right and will be renamed in next updates :)
Would you check please, does your domain present in this list?
Leader