Configuration file

Content Studio’s Rich Editor automatically removes any <script> and <iframe> tags from the source code. This measurement effectively reduces potential for XSS injections. This also removes any scripts from documents migrated from XP 6 on first save.

Iframes can still be added through the use of the built-in embed macro.

You can allow <script> tag in html fields at your own risk by adding the following to the config file:

Whenever the Publishing Wizard contains at least one item that is "Work in progress", publishing will be disabled. The editor can overrule this by applying "Mark as ready" bulk action from the button dropdown menu and marking all of such items as "Ready for Publishing".

To add another level of restriction and prevent accidental publishing of items that are not ready for publishing, the "Mark as ready" bulk action can be disabled by adding the following parameter to the config file: