|
|
@@ -101,26 +101,44 @@
|
|
|
<div class="col-xs-5">
|
|
|
<div class="btn-group btn-toggle" data-toggle="buttons">
|
|
|
<label class="btn btn-default btn-rounded btn-outline {% if markdownSetting['markdown:isEnabledPreventXSS'] %}active{% endif %}" data-active-class="primary">
|
|
|
- <input name="markdownSetting[markdown:isEnabledPreventXSS]" value="true" type="radio"
|
|
|
- {% if true === markdownSetting['markdown:isEnabledPreventXSS'] %}checked{% endif %}> ON
|
|
|
+ <input name="markdownSetting[markdown:XSS:isPrevented]" value="true" type="radio"
|
|
|
+ {% if true === markdownSetting['markdown:XSS:isPrevented'] %}checked{% endif %}> ON
|
|
|
</label>
|
|
|
<label class="btn btn-default btn-rounded btn-outline {% if !markdownSetting['markdown:isEnabledPreventXSS'] %}active{% endif %}" data-active-class="default">
|
|
|
- <input name="markdownSetting[markdown:isEnabledPreventXSS]" value="false" type="radio"
|
|
|
- {% if !markdownSetting['markdown:isEnabledPreventXSS'] %}checked{% endif %}> OFF
|
|
|
+ <input name="markdownSetting[markdown:XSS:isPrevented]" value="false" type="radio"
|
|
|
+ {% if !markdownSetting['markdown:XSS:isPrevented'] %}checked{% endif %}> OFF
|
|
|
</label>
|
|
|
</div>
|
|
|
- <!-- <div class="input">
|
|
|
- <input type="radio" name="preventXSS" value="stripignoretag" checked>
|
|
|
- {{ t('markdown_setting.Strip ignore tag') }}<br>
|
|
|
- <input type="radio" name="preventXSS" value="WLtagnames">
|
|
|
- {{ t('markdown_setting.White list tag names') }}<br>
|
|
|
- <input type="radio" name="preventXSS" value="WLtagattribute">
|
|
|
- {{ t('markdown_setting.White list tag attributes') }}
|
|
|
- </div> -->
|
|
|
<p class="help-block">{{ t("markdown_setting.Prevent XSS(Cross Site Scripting)desc") }}<br>{{ t("markdown_setting.Prevent XSS(Cross Site Scripting)desc2") }}</p>
|
|
|
</div>
|
|
|
</div>
|
|
|
|
|
|
+ <div class="form-group">
|
|
|
+ <div id="selectXSS" class="input">
|
|
|
+ <input type="radio" name="markdownSetting[markdown:XSS:option]" value="1" checked>
|
|
|
+ {{ t('markdown_setting.Allow all') }}<br>
|
|
|
+ <input type="radio" name="markdownSetting[markdown:XSS:option]" value="2">
|
|
|
+ {{ t('markdown_setting.Ignore all') }}<br>
|
|
|
+ <input type="radio" name="markdownSetting[markdown:XSS:option]" value="3">
|
|
|
+ {{ t('markdown_setting.Recommended setting') }}<br>
|
|
|
+ <input type="radio" name="markdownSetting[markdown:XSS:option]" value="4">
|
|
|
+ {{ t('markdown_setting.Whitelist setting') }}<br>
|
|
|
+ </div>
|
|
|
+
|
|
|
+ <div class="form-group">
|
|
|
+ <div id="WLsetting" class="input">
|
|
|
+ <p class="help-block">{{ t('markdown_setting.Add white list desc') }}</p>
|
|
|
+ <div class="inputbox">
|
|
|
+ {{ t('markdown_setting.tag') }}
|
|
|
+ <input type="text" name="markdownSetting[markdown:XSS:tagWhiteList]" size="70" value="" placeholder="span, iframe, input">
|
|
|
+ </div>
|
|
|
+ <div class="inputbox">
|
|
|
+ {{ t('markdown_setting.tag attribute') }}
|
|
|
+ <input type="text" name="markdownSetting[markdown:XSS:attrWhiteList]" size="70" value="" placeholder="class, type, placeholder, name, required">
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
<div class="form-group">
|
|
|
<div class="col-xs-offset-4 col-xs-5">
|
|
|
<input type="hidden" name="_csrf" value="{{ csrf() }}">
|
sou