
It's better when it's simple

User Tools

Site Tools


This is an old revision of the document!

Configuration Setting: htmlok

Defines if embedding HTML using the <html> tags is allowed. This may break the layout and XHTML compliance if wrong HTML is inserted.

:!: This option and mechanism has been removed from the Jack Jackrum release. Replacement via the HTMLok plugin.

The following is only applicable until release Igor:

:!: You should never enable this option, unless:

  • you are the only user with write permissions
  • you know exactly what you're doing

:!: This is a big security risk when used on a freely accessible site because it enables anyone to embed arbitrary JavaScript in your wiki pages. This can be used to steal cookie and gain unauthorized privileged access to your wiki, leading to possibly escalated privileges which may allow to take over your server, steal personal information etc.

  • Type: Boolean
  • Default: 1

Security Warning: Changing this option could present a security risk.

See also

config/htmlok.1680690553.txt.gz · Last modified: 2023-04-05 12:29 by michaelsy

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki