Differences

This shows you the differences between two versions of the page.

--- 78:security_settings [2022/01/29 16:45] – created emr
+++ 78:security_settings [2024/02/15 00:00] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Security Settings ======
-abc
+To allow users with Internet Explorer to access Stages, set the ''global.secureMode.IEAccess'' config property in ''config.xml'' either to ''non_root'' (= all users except root) or ''all_users''.
+Unmanaged HTML sections in descriptions are an inherent security risk, because process modelers could open the system up to XSS vulnerabilities. Therefore, **those features were disabled by default**.
+To reenable the handling for unmanaged HTML sections in descriptions, set the ''process.description.displayUnmanagedSections.enabled'' and ''legacy.description.migration.unmanagedSection.templates properties'' to ''true'' in ''config.xml''.
+**We highly recommend to make those changes only if their impact on security is well understood.**