Open ryanj opened 9 years ago
Consider allowing a configuration flag that enables site admins to easily include iframes in the HTML element whitelist
Same configuration flag could potentially allow <canvas>
elements to be added to whitelist see #71 and #10
While these elements have been known to have security implications it'd be interesting to add this flag configuration option in combination with the export to gh-pages
feature mentioned in #68 find new hosting
If the export to gh-pages function:
This would be a nice way to include the troublesome elements like canvas + iframe since gh-pages static hosting would reduce the security exposure/naughty opportunities (is that accurate?).
Sure it might not solve the rate-limiting issue with gh-pages but it would allow a user to build a static site archive of all his (public) slides to share, kind of cool!
Need to consider the security implications for iframes.
Best use-cases: