Skip to content

Commit

Permalink
Add warning about WAGTAILFORMS_HELP_TEXT_ALLOW_HTML
Browse files Browse the repository at this point in the history 
Conflicts:
	docs/advanced_topics/settings.rst
  • Loading branch information
@gasman
gasman committed Jul 20, 2020
1 parent 0b80aee commit f437ba4
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions docs/advanced_topics/settings.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -673,6 +673,9 @@ Form builder
When true, HTML tags in form field help text will be rendered unescaped (default: False).

.. WARNING::
Enabling this option will allow editors to insert arbitrary HTML into the page, such as scripts that could allow the editor to acquire administrator privileges when another administrator views the page. Do not enable this setting unless your editors are fully trusted.


URL Patterns
~~~~~~~~~~~~
Expand Down

0 comments on commit f437ba4

Please sign in to comment.