If you set "editor.contentFilter.allowIFrame" value to false, insertion of <iframe> tag by the user is restricted and the tag is automatically removed.
{
'editor.contentFilter.allowIFrame': false
} |
If you set "editor.contentFilter.allowIScript" value to false, insertion of <script> tag by the user is restricted and the tag is automatically removed.
{
'editor.contentFilter.allowScript': false
} |
RELEASE 2.3.0 OR ABOVE
If you set 'editor.contentFilter.allowScript' value to false, insertion of <a> tag by the user is restricted and the tag is automatically removed.
{
'editor.contentFilter.allowLink': false
} |
If you set 'editor.contentFilter.allowEventAttribute' value to true, you can use event attributes (onclick, onload, onchange, ....) in HTML tags.
{
'editor.contentFilter.allowEventAttribute': false
} |