Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
72:editor_unmanaged [2023/01/10 17:28] ohh72:editor_unmanaged [2024/02/15 00:00] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Unmanaged Sections ====== ====== Unmanaged Sections ======
  
-Unmanaged Sections provide a way to insert HTML code into a description text. They are called "unmanaged" because Stages does not validate this HTML code. Stages sends this code to the web browser unchanged.+Unmanaged Sections provide the ability to insert HTML code into a description text. They are called "unmanaged" because Stages does not validate this HTML code. Stages sends this code to the web browser unchanged.
  
-** <font inherit/inherit;;#c0392b;;inherit>Considering IT security, this feature is disabled by default.</font>  **  Please, contact a Stages Product Consultant before enabling it.+** Considering IT security, this feature is disabled by default.  **Please get in touch with a Stages Product Consultant before enabling it.
  
 Unmanaged Sections can be created Unmanaged Sections can be created
Line 13: Line 13:
  
 To delete an Unmanaged Section, delete the **Unmanaged HTML Section**  icon at the text position. To delete an Unmanaged Section, delete the **Unmanaged HTML Section**  icon at the text position.
 +
 +===== Example: Embed videos into process descriptions =====
 +
 +The following two configuration properties need to to be set for enabling the display and editing of unmanaged sections:
 +
 +<code>
 +<!-- For editing HTML sections even when secure mode is active -->
 +<property name="global.secureMode.allowHTMLPlugin" value="true" />
 +
 +<!-- For displaying HTML sections -->
 +<property name="process.description.displayUnmanagedSections.enabled" value="true" />
 +
 +</code>
 +
 +In addition to this, displaying external content in iframes must be explicitly allowed:
 +
 +<code>
 +<!-- For allowing iframes from YouTube and Vimeo -->
 +<property name="global.secureMode.csp.additional.framesrc" value="https://www.youtube.com https://www.vimeo.com" />
 +
 +</code>
 +
 +When these three configuration properties are set, you should be able to insert the embed HTML code from the video site in an unmanaged section.
 +
 +**Warning:** modifying the configuration properties can impact the security of the system by enabling cross-site scripting. Please make sure that your security team approves this change.