key: htmlSecurity
title: Security
description: Filter and strips potentially dangerous content
author: requarks.io
icon: mdi-fire
enabledDefault: true
dependsOn: htmlCore
step: post
order: 99999
props:
  safeHTML:
    type: Boolean
    title: Sanitize HTML
    default: true
    hint: Sanitize HTML from unsafe attributes and tags that could lead to XSS attacks
    order: 1
  allowDrawIoUnsafe:
    type: Boolean
    title: Allow Draw.io Unsafe Elements
    default: true
    hint: Draw.io diagrams may introduce some elements that are usually filtered. Turning off this option may cause some diagrams to be completely removed during the sanitization process.
    order: 2
  allowIFrames:
    type: Boolean
    title: Allow iframes
    default: false
    hint: iframes will not be stripped if enabled. (Not recommended)
    order: 3