yii2mod / yii2-comments

Comments module for Yii2
MIT License
158 stars 63 forks

Embedding #22

Closed robov closed 8 years ago

robov commented 8 years ago

Your extension looks amazing, by the way!!!! I noticed that I can type in HTML and iframes etc... This can pose a security risk... This way people can add malicious scripts to my app.

ihorchepurnyi commented 8 years ago

Hi, users can't add malicious scripts to your app because we used the HTML Purifier for the comments content. You can change the configuration for the PurifyBehavior by creating your own CommentModel.
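One way to tighten the purifier settings along the lines of the reply above, as an added example that is not part of the original comment or the project's own code. It assumes the extension's `yii2mod\comments\models\CommentModel` and a `yii2mod\behaviors\PurifyBehavior` that accepts `attributes` and `config`; the `app\models` namespace, the `purify` fallback key and the tag allow-list are illustrative choices.

```php
<?php

namespace app\models;

use yii2mod\behaviors\PurifyBehavior;                           // assumed class name
use yii2mod\comments\models\CommentModel as BaseCommentModel;   // assumed class name

/**
 * Comment model with a stricter HTML Purifier policy:
 * no iframes, no images, only basic inline formatting and http(s) links.
 */
class CommentModel extends BaseCommentModel
{
    public function behaviors()
    {
        // HTML Purifier directives. HTML.Allowed is an allow-list, so any
        // element or attribute not named here (iframe, img, style, on*) is dropped.
        $strictPurify = [
            'class' => PurifyBehavior::class,
            'attributes' => ['content'],
            'config' => [
                'HTML.Allowed' => 'p,br,b,strong,i,em,ul,ol,li,a[href]',
                'URI.AllowedSchemes' => ['http' => true, 'https' => true],
            ],
        ];

        $behaviors = parent::behaviors();
        $replaced = false;

        // Replace whatever purify behavior the parent defines, regardless of
        // the array key it was registered under.
        foreach ($behaviors as $name => $definition) {
            if (is_array($definition) && ($definition['class'] ?? null) === PurifyBehavior::class) {
                $behaviors[$name] = $strictPurify;
                $replaced = true;
            }
        }

        // If the parent had none, attach one so content is never stored unpurified.
        if (!$replaced) {
            $behaviors['purify'] = $strictPurify; // 'purify' key is an assumption
        }

        return $behaviors;
    }
}
```

The module still has to be pointed at this subclass; that setting is not shown on this page.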

ihorchepurnyi commented 8 years ago

HTML Purifier examples: