View Revisions: Issue #15096

Summary 15096: XSS for super-admin too
Revision 2019-09-18 16:41 by DenisChenu
Additional Information

Maybe separation between XSS and Script (for 4.0) can be great too
Default XSS == 1 => XSS on for (! superadmin && !ForcedAdmin)
XSS = 0 : Xss all for all

Add script active settings (start in config.php)

Then we can have
XSS true for : (!ForcedAdmin) or (!superadmin) or (All user)
script true for : (same as XSS (default)) or All user (even with XSS enable) or superadmin (even if XSS for superadmin).

This settings can be accessible only via php file.

Revision 2019-08-01 15:06 by DenisChenu
Additional Information

Maybe separation between XSS and Script (for 4.0) can be great too
Default XSS == 1 => XSS on for (! superadmin && !ForcedAdmin)
XSS = 0 : Xss all for all

Add script active settings (start in config.php)

Then we can have
XSS true for : (!superadmin) or (All user) or (!ForcedAdmin)
script true for : (!superadmin) or (All user) or (!ForcedAdmin)