Geodesic Solutions Community Wiki

User Tools

Site Tools

You are here: Auction and Classified Software Support Home » Admin Menu » Site Setup » Allowed HTML
admin_menu:site_setup:allowed_html:start

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
admin_menu:site_setup:allowed_html:start [2008/12/14 23:06]
jonyo 		admin_menu:site_setup:allowed_html:start [2017/02/23 07:34] (current)
geojames
Line 2: Line 2:
 ====== Allowed HTML ====== ====== Allowed HTML ======
  
-Use this administration tool to control what HTML tags are allowed to be used on your site where users enter text.  Note that this applies to any text entered by the user where HTML is allowed, including, if you are using the Storefront Addon, any HTML used on pages within a user's Storefront Manager.+We've moved this admin support wiki page to the following [[startup_tutorial_and_checklist:feature_configuration:allowed_html:start|allowed html support wiki page]]
  
-===== Tags Matching <tag ...> or </tag> ===== 
  
-{{:admin_menu:site_setup:allowed_html:tags_matching.png |}} 
- 
-On the list of HTML tags, check the box for **Allowed?** for any HTML tags you wish to allow your users to use when entering text on the site, for example in the "listing details" when placing a listing.  If a user attempts to enter a HTML tag that is on this list that is not allowed, it will simply be removed from the text with no replacement.  The tags with an asterisk (*) are strongly recommended to **not be allowed**. This is because the potential for a user to enter malicious code exists with the tags we have identified with an asterisk. 
- 
-==== Tags not in this list ==== 
- 
- 
-{{ :admin_menu:site_setup:allowed_html:tags_not_in_list.png|}} 
- 
-Use this setting to allow or not allow a user to enter tags not found on this list at all.  We recommend leaving this setting disallowed (by un-checking the box for "Allowed?"). 
- 
-==== Add Tag ==== 
- 
-{{:admin_menu:site_setup:allowed_html:add_tag.png |}} 
- 
-When you enter a tag you only need to enter the //first// part of the HTML tag **BETWEEN** the "<" and ">", **without** the attributes.  For example, if the "a" (HTML anchor) tag was not one of the default tags defined, and you wanted to add it, you would only need to enter "a" into the tool. 
- 
-The full HTML tag may look something like: 
- 
-<code html><a href="http://www.geodesicsolutions.com"> go to Geodesic Solutions website</a></code> 
- 
-You would enter the tag as just **a**, leave off the rest of the tag.  Also check the box for **Allowed?** if you wish to allow this new tag that you are adding to the list. 
- 
-Note that the tags on this list are **case insensitive**, meaning that if a tag is on this list and not allowed, it will be removed from text regardless of if the tag is upper-case or lower-case, or even a combination of both. 
- 
-===== Special: Match without < > ===== 
- 
-{{:admin_menu:site_setup:allowed_html:special_match_without_tag.png|}} 
- 
-This is a list of things you can allow or not allow, that will be matched even if they are not part of a tag.  You cannot add additional things to this list, there is only the pre-defined ones.  If you need to filter out anything else that is not a tag, and not on this special list, we recommend using the **Badwords** tool to do so.  This list is only for the most common things that users may attempt to use for malicious purposes.  Most of the time, even if the things on this list are allowed, they usually will not be harmful, but you can still choose to not allow them just in case. 
- 
-TODO: Explain this better... 
- 
-===== Warning: HTML Removed by WYSIWYG ===== 
- 
-Note there may be **inadvertent** tags disallowed if you use the WYSIWYG within your place a listing process.  The WYSIWYG does not have the ability to represent flash or dynamic content within it, among other things.  So even if you allowed the <param>, <object>, ...etc tags to display this content within the WYSIWYG the WYSIWYG itself may remove the tags. 
- 
-The WYSIWYG will also attempt to **auto-correct** HTML according to what it considers is //valid HTML// If your clients use the //HTML// button in the WYSIWYG editor to manually insert or edit the HTML directly, if that HTML is not //valid// (according to what the WYSIWYG editor considers valid), the editor will try to auto-correct the HTML.  Most of the time the effect is fine, as it causes the HTML to be "valid" which search engines (at least Google) seem to prefer.  But sometimes, this can cause problems, for instance it may result in un-expected things happening like things being moved around, resized, or removed altogether as a result of the "auto correcting". 
- 
-In those cases, where the WYSIWYG editor is causing problems with entering the HTML as desired, advise your users to click on **[Add/Remove Editor]** to temporarily turn off the WYSIWYG editor, and they can enter the HTML directly into a normal "textarea". 
admin_menu/site_setup/allowed_html/start.1229295991.txt.gz · Last modified: 2014/09/25 16:55 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki