Allowing Potentially Unsafe Content in Knowledge Base Articles
Sep 30, 2021
2908
By default, HappyFox will strip out potentially unsafe HTML tags (like <script> or <iframe>) when you publish your Knowledge Base articles since they can be used to embed unsafe code. This security configuration can be changed in your HappyFox security settings.
But these tags come in handy when you need to embed rich media (like a Youtube video). So the choice is yours and if you want to allow these HTML elements to support advanced customization, then you can change the setting at any time.
Applicable HappyFox Plans: ✔️ Mighty ✔️ Fantastic ✔️ Enterprise ✔️ Enterprise Plus ✔️ Unlimited Agents plans
To allow unsafe content in KB articles:
- Navigate to Manage >> Security >> Knowledge Base from Agent Portal.
- Your agent role would require "Manage Security Settings" permission to access this page.
- Turn ON the "Allow potentially unsafe content in Knowledge Base articles" toggle.
Warning: Disabling this toggle will not automatically remove unsafe HTML from any of the existing articles. However, when agents edit those articles, unsafe HTML will get removed. For all new articles, unsafe HTML will be removed before getting published.
Note: This feature is also configurable at the article level. If the global setting is enabled, it can be disabled/enabled for specific articles during article creation/edit. If the global setting is disabled, then it cannot be enabled at the article level.
Safe Tags:
'a', 'abbr', 'acronym', 'address', 'area', 'article', 'aside', 'audio', 'b', 'big',
'blockquote', 'br', 'button', 'canvas', 'caption', 'center', 'cite', 'code', 'col', 'colgroup',
'command', 'datagrid', 'datalist', 'dd', 'del', 'details', 'dfn', 'dialog', 'dir', 'div', 'dl',
'dt', 'em', 'event-source', 'fieldset', 'figcaption', 'figure', 'footer', 'font', 'form',
'header', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'input', 'ins', 'keygen',
'kbd', 'label', 'legend', 'li', 'm', 'map', 'menu', 'meter', 'multicol', 'nav', 'nextid',
'ol', 'output', 'optgroup', 'option', 'p', 'pre', 'progress', 'q', 's', 'samp', 'section',
'select', 'small', 'sound', 'source', 'spacer', 'span', 'strike', 'strong', 'sub', 'sup',
'table', 'tbody', 'td', 'textarea', 'time', 'tfoot', 'th', 'thead', 'tr', 'tt', 'u', 'ul', 'var', 'video'
'blockquote', 'br', 'button', 'canvas', 'caption', 'center', 'cite', 'code', 'col', 'colgroup',
'command', 'datagrid', 'datalist', 'dd', 'del', 'details', 'dfn', 'dialog', 'dir', 'div', 'dl',
'dt', 'em', 'event-source', 'fieldset', 'figcaption', 'figure', 'footer', 'font', 'form',
'header', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'input', 'ins', 'keygen',
'kbd', 'label', 'legend', 'li', 'm', 'map', 'menu', 'meter', 'multicol', 'nav', 'nextid',
'ol', 'output', 'optgroup', 'option', 'p', 'pre', 'progress', 'q', 's', 'samp', 'section',
'select', 'small', 'sound', 'source', 'spacer', 'span', 'strike', 'strong', 'sub', 'sup',
'table', 'tbody', 'td', 'textarea', 'time', 'tfoot', 'th', 'thead', 'tr', 'tt', 'u', 'ul', 'var', 'video'
Safe Attributes:
'abbr', 'accept', 'accept-charset', 'accesskey', 'action', 'align', 'alt', 'autocomplete', 'autofocus',
'axis', 'background', 'balance', 'bgcolor', 'bgproperties', 'border', 'bordercolor', 'bordercolordark',
'bordercolorlight', 'bottompadding', 'cellpadding', 'cellspacing', 'ch', 'challenge', 'char',
'charoff', 'choff', 'charset', 'checked', 'cite', 'class', 'clear', 'color', 'cols', 'colspan',
'compact', 'contenteditable', 'controls', 'coords', 'data', 'datafld', 'datapagesize', 'datasrc',
'datetime', 'default', 'delay', 'dir', 'disabled', 'draggable', 'dynsrc', 'enctype', 'end',
'face', 'for', 'form', 'frame', 'galleryimg', 'gutter', 'headers', 'height', 'hidefocus', 'hidden',
'high', 'href', 'hreflang', 'hspace', 'icon', 'id', 'inputmode', 'ismap', 'keytype', 'label',
'leftspacing', 'lang', 'list', 'longdesc', 'loop', 'loopcount', 'loopend', 'loopstart', 'low',
'lowsrc', 'max', 'maxlength', 'media', 'method', 'min', 'multiple', 'name', 'nohref', 'noshade',
'nowrap', 'open', 'optimum', 'pattern', 'ping', 'point-size', 'poster', 'pqg', 'preload', 'prompt',
'radiogroup', 'readonly', 'rel', 'repeat-max', 'repeat-min', 'replace', 'required', 'rev', 'rightspacing',
'rows', 'rowspan', 'rules', 'scope', 'selected', 'shape', 'size', 'span', 'src', 'start', 'step',
'style', 'summary', 'suppress', 'tabindex', 'target', 'template', 'title', 'toppadding', 'type',
'unselectable', 'usemap', 'urn', 'valign', 'value', 'variable', 'volume', 'vspace', 'vrml',
'width', 'wrap', 'bgcolor'
'axis', 'background', 'balance', 'bgcolor', 'bgproperties', 'border', 'bordercolor', 'bordercolordark',
'bordercolorlight', 'bottompadding', 'cellpadding', 'cellspacing', 'ch', 'challenge', 'char',
'charoff', 'choff', 'charset', 'checked', 'cite', 'class', 'clear', 'color', 'cols', 'colspan',
'compact', 'contenteditable', 'controls', 'coords', 'data', 'datafld', 'datapagesize', 'datasrc',
'datetime', 'default', 'delay', 'dir', 'disabled', 'draggable', 'dynsrc', 'enctype', 'end',
'face', 'for', 'form', 'frame', 'galleryimg', 'gutter', 'headers', 'height', 'hidefocus', 'hidden',
'high', 'href', 'hreflang', 'hspace', 'icon', 'id', 'inputmode', 'ismap', 'keytype', 'label',
'leftspacing', 'lang', 'list', 'longdesc', 'loop', 'loopcount', 'loopend', 'loopstart', 'low',
'lowsrc', 'max', 'maxlength', 'media', 'method', 'min', 'multiple', 'name', 'nohref', 'noshade',
'nowrap', 'open', 'optimum', 'pattern', 'ping', 'point-size', 'poster', 'pqg', 'preload', 'prompt',
'radiogroup', 'readonly', 'rel', 'repeat-max', 'repeat-min', 'replace', 'required', 'rev', 'rightspacing',
'rows', 'rowspan', 'rules', 'scope', 'selected', 'shape', 'size', 'span', 'src', 'start', 'step',
'style', 'summary', 'suppress', 'tabindex', 'target', 'template', 'title', 'toppadding', 'type',
'unselectable', 'usemap', 'urn', 'valign', 'value', 'variable', 'volume', 'vspace', 'vrml',
'width', 'wrap', 'bgcolor'
Safe CSS properties:
'azimuth', 'background-color', 'border-bottom-color', 'border-collapse', 'border-color',
'border-left-color', 'border-right-color', 'border-top-color', 'clear', 'color', 'cursor',
'direction', 'display', 'elevation', 'float', 'font', 'font-family', 'font-size', 'font-style',
'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'overflow', 'pause',
'pause-after', 'pause-before', 'pitch', 'pitch-range', 'richness', 'speak', 'speak-header',
'speak-numeral', 'speak-punctuation', 'speech-rate', 'stress', 'text-align', 'text-decoration',
'text-indent', 'unicode-bidi', 'vertical-align', 'voice-family', 'volume', 'white-space','width',
'padding', 'margin', 'padding-left', 'padding-right', 'padding-top', 'padding-bottom', 'margin-left',
'margin-right', 'margin-top', 'margin-bottom', 'border-left', 'border-right', 'border-top',
'border-bottom', 'word-break', 'white-space'
'border-left-color', 'border-right-color', 'border-top-color', 'clear', 'color', 'cursor',
'direction', 'display', 'elevation', 'float', 'font', 'font-family', 'font-size', 'font-style',
'font-variant', 'font-weight', 'height', 'letter-spacing', 'line-height', 'overflow', 'pause',
'pause-after', 'pause-before', 'pitch', 'pitch-range', 'richness', 'speak', 'speak-header',
'speak-numeral', 'speak-punctuation', 'speech-rate', 'stress', 'text-align', 'text-decoration',
'text-indent', 'unicode-bidi', 'vertical-align', 'voice-family', 'volume', 'white-space','width',
'padding', 'margin', 'padding-left', 'padding-right', 'padding-top', 'padding-bottom', 'margin-left',
'margin-right', 'margin-top', 'margin-bottom', 'border-left', 'border-right', 'border-top',
'border-bottom', 'word-break', 'white-space'
Everything else is considered unsafe and will be removed when an article is published if the corresponding setting is configured.
Unsafe HTML tags removed during article publish cannot be retrieved back.
