Implement secure preview handling (!287) · Merge requests · World / Apostrophe

Manuel Genovés requested to merge ft.secure_preview into main Mar 27, 2024

Implements three levels of security:

Always render HTML and javascript
Always escape HTML and javascript
If there's no HTML in the document escape it, otherwise ask the user what they want to do

The default behaviour is the last one, the other two are behind a gsettings flag and not exposed to the user

Implement secure preview handling