Allowed html tag issue

abmishra · October 28, 2022, 11:14am

Hi There,

Following is the security setting in my config.inc.php file.

allowed_html = "<a href|target> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <b> <i> <u> <img> <sup> <sub> <br> <p>"

But I am able to enter <script></script> tag through form. Please help me.

Thanks,
Abhay Kumar Mishra

Describe the issue or problem
Please tell us what happens and what you expected to happen.

Steps I took leading up to the issue
For example:

Go to ‘…’
Click on ‘…’
Scroll down to ‘…’
See error

What application are you using?
For example, OJS 3.3.0-4

Additional information
Please add any screenshots, logs or other information we can use to investigate this problem.

asmecher · October 28, 2022, 3:19pm

Hi @abmishra,

Can you edit your post to fill in the missing details? E.g. which of our applications are you using, and which version; where are you entering the script tag, and where do you see it displaying; etc.

Thanks,
Alec Smecher
Public Knowledge Project Team

primozs · October 30, 2022, 4:04pm

More info in other post: Allowed_html configuration not working in OJS version 3.3.0.11