On Fri, 13 May 2005 23:16:16 +0200 Matthias Grimm <matthiasgrimm@xxxxxxxxxxxxxxxxxxxxx> wrote: > On Fri, 13 May 2005 21:49:30 +0200 > Andreas Gohr <andi@xxxxxxxxxxxxxx> wrote: > > > Hi! > > > > > 1. calling javascript routines from links like > > > <a href="javascript:something">blafasel</a> > > > > Well not a good idea to allow users to add javascript I think (XSS > > problems) - but see FS#227 for a possible solution This solutions works. I was able to limit the javascript access to only a few functions so that the security risk through user's unlimited access to javascript become a minimum. > > > 2. redirect a link into a new browser window. > > > add a target="_blank" to a link > > > > Hmm isn't $conf['target'] enough? Yes, it is enough ... for now ;-) I checked the feature and I got erverything work I wanted to get work. At the end I was able to disable embedded HTML again. Thanks for your help. Best Regards Matthias -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist