Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By YossiN on
I use FCKeditor to create content
I was told on IRC not to use the full HTML but only filtered HTML
1- why is it so (if this is really the case)?
2- when I put underline or pictures with filtered HTML it doesn't appear. how do I overcome it?
thanks
Comments
1) Using full HTML is
1) Using full HTML is dangerous because users can include all sorts of things on your website without your knowledge, some of which pose security risks.
2) The default settings for filtered HTML do not allow
<u>
or<img>
tags. You can go to http://www.example.com/admin/settings/filters/1 (or http://www.example.com/?q=admin/settings/filters/1 if you don't have cleanURLs), where www.example.com is the drupal site in question, to change what is or isn't allowed.Yes but that doesn't solve the problem
If you go to http://www.example.com/admin/settings/filters/1, you can merely turn on or off one of the 4 filters in its entirety. It doesn't permit you to add a U tag. How does one alter the allowed html tags?
http://tinyurl.com/3a34wvn
http://tinyurl.com/3a34wvn
thx for the instructive link
Thanks Juc1.
I managed to find that on my own. It's really kind of a bummer that this forum won't send you email when your topic is updated.
Rep++
forgive my reckless posting
So the answers then:
1) It probably depends on how many people have posting privileges on your site. If it's many people, then your site might be abused by folks posting script exploits or XSS attacks.
2) "filtered html" takes tags out of your html -- like image tags. If you look at the link Juc 1 posted, you'll see a tip.