Only turn off active
content filtering if you have secured
your network against cross-site scripting attacks by other means.
Before you begin
The active content
filter removes potentially harmful text
content, such as JavaScript™,
from user input added to a post or entry before saving the post or
entry to an application; it does not filter file attachments. Before
you disable active content filtering, be sure you have considered
the security implications of this decision. See Securing applications
from malicious attack for more information.Procedure
-
Start the wsadmin client. See Starting the wsadmin
client for details.
- Find out what the
current setting is for the active content
filter property. See Editing configuration files for
details and to find out which commands to use to check out the configuration
files.
- Change the active content filtering
property for the application
using one of the following commands:
- Activities:
ActivitiesConfigService.updateConfig("activeContentFilter.enabled", "false")
- Blogs:
BlogsConfigService.updateConfig("ACFEnabled", "false")
- Bookmarks:
DogearCellConfig.updateConfig("activeContentFilter.enabled", "false")
- Communities:
CommunitiesConfigService.updateConfig("activeContentFilter.enabled", "false")
- Files:
FilesConfigService.updateConfig("activeContentFilter.enabled","false")
- Forums:
ForumsConfigService.updateConfig("activeContentFilter.enabled","false")
- Profiles:
ProfilesConfigService.updateConfig("activeContentFilter.enabled","false")
- Wikis:
WikisConfigService.updateConfig("activeContentFilter.enabled","false")
- Apply your changes. See Applying
property changes for
details.