Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
78:security_settings [2022/01/29 16:48] emr78:security_settings [2024/02/15 00:00] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Security Settings ====== ====== Security Settings ======
  
-To allow users with Internet Explorer to acces Stages, set the ''global.secureMode.IEAccess'' config property in ''config.xml'' either to ''non_root'' (= all users except root) or ''all_users''.+To allow users with Internet Explorer to access Stages, set the ''global.secureMode.IEAccess'' config property in ''config.xml'' either to ''non_root'' (= all users except root) or ''all_users''.
  
 Unmanaged HTML sections in descriptions are an inherent security risk, because process modelers could open the system up to XSS vulnerabilities. Therefore, **those features were disabled by default**. Unmanaged HTML sections in descriptions are an inherent security risk, because process modelers could open the system up to XSS vulnerabilities. Therefore, **those features were disabled by default**.
Line 7: Line 7:
 To reenable the handling for unmanaged HTML sections in descriptions, set the ''process.description.displayUnmanagedSections.enabled'' and ''legacy.description.migration.unmanagedSection.templates properties'' to ''true'' in ''config.xml''. To reenable the handling for unmanaged HTML sections in descriptions, set the ''process.description.displayUnmanagedSections.enabled'' and ''legacy.description.migration.unmanagedSection.templates properties'' to ''true'' in ''config.xml''.
  
-**We highly recommend to make those changes only if the respective impact on security is well understood.**+**We highly recommend to make those changes only if their impact on security is well understood.**