Configuration file


This section describes how to configure Content Studio via the config file.

The file should be called and placed into the $XP_HOME/config folder of your XP installation.

Html Editor XSS

Content Studio’s Rich Editor automatically removes any <script> and <iframe> tags from the source code. This measurement effectively reduces potential for XSS injections. This also removes any scripts from documents migrated from XP 6 on first save.

Iframes can still be added through the use of the built-in embed macro.

You can allow <script> tag in html fields at your own risk by adding the following to the config file:
htmlinput.allowScripts = true

Disable "Mark as Ready" in the Publishing Wizard

Whenever the Publishing Wizard contains at least one item that is "Work in progress", publishing will be disabled. The editor can overrule this by applying "Mark as ready" bulk action from the button dropdown menu and marking all of such items as "Ready for Publishing".

Mark as ready action in the Publishing Wizard

To add another level of restriction and prevent accidental publishing of items that are not ready for publishing, the "Mark as ready" bulk action can be disabled by adding the following parameter to the config file:
publishingWizard.allowContentUpdate = false