Last modified by Thomas Mortagne on 2017/03/24

From version 11.1
edited by Thomas Delafosse
on 2013/09/04
Change comment: There is no comment for this version
To version 9.1
edited by Guillaume Delhumeau
on 2013/09/04
Change comment: There is no comment for this version



Page properties
... ... @@ -1,1 +1,1 @@
1 -XWiki.tdelafosse
1 +XWiki.gdelhumeau
... ... @@ -40,12 +40,6 @@
40 40  Now, we force the Compatibility mode for Internet Explorer (IE) browsers to use the latest rendering mode.
41 41  Before, the IE browser displayed all intranet sites in compatibility mode by default. This means that even if the user was using IE9, he saw the content rendered with IE7 standards. Since we don't [[support>>dev:Community.BrowserSupportStrategy]] IE6/7 anymore this lead in displaying broken layout, scrollbars, etc. See [[XWIKI-8907>>]].
42 42  
43 -== Choosing which types of attachments can be displayed inline (Security) ==
44 -
45 -In order to prevent XSS via FileUpload, a new feature has been added : you can now specify in which types of attachment can be displayed inline.
46 -In the "Attachment" section of, you can either precise a whitelist of mimetypes that can be displayed inline, or precise a blacklist of mimetypes that shouldn't be displayed inline (if you use this configuration, it is strongly advised to blacklist at least "text/html" and "text/javascript" mimetypes for security reasons).
47 -Note that attachments provided by PR users won't be affected by these restrictions.
48 -
49 49  == Deprecated and Retired projects ==
50 50  
51 51  <description of deprecated and retired projects>
... ... @@ -1,1 +1,1 @@
1 -47.1 KB
1 +49.7 KB

Get Connected