Details
-
Improvement
-
Resolution: Fixed
-
Major
-
13.10.5, 14.3
-
None
Description
The XML module should provide a component that provides ways to determine if a certain HTML element or attribute is considered safe for user-generated content that can be re-used for filtering elements and attributes in various places in XWiki. As the definition what is safe might depend on the context of the wiki, there should be different options that can be selected with a configuration option: a secure one based on a definition of allowed elements, attributes and values of attributes, a less secure one that is based on disallowing dangerous elements, attributes and attribute values and an insecure one that allows everything.