For security purposes, configuration page has been implemented which provides the Administrator with control over what the accessibility of the Macro.
| Field | Description |
|---|---|
| Exclude scripts | This is the global setting for disabling Scripting to be used by the Macro. By setting this field checked, it will result in exclusion of scripts within the URL provided. |
| Custom error message | A custom error message is encountered explicitly when the user is accessing a non-white-listed URL. The purpose of this is to provide information as to whom to contact/reason for the error. Important: Default message will be used when accessing the configure screen first time or when the field value is not provided. Default message: xhtml+html-include-replace; The URL specified is not whitelisted. Please speak to a system administrator. |
| Full URL | This is where the URL is specified. |
| Plain or Regex | While specifying the URL, you have to select either Plain or Regex type. |
| Sort by | Allows you to sort the list by the following criteria:
|
Example
I want to access the http://localhost URL by White listing it and disable scripting to enhance security. If the user tries to access a non-white-listed URL, I want to display my custom error message.
Accessing localhost in browser (the URL contains 6 scripts in total as shown in the console):
Script Exclusion + Custom Error Message and White-listed URL has been set (Plain type):
|
Accessing localhost in the Macro and the console output:
|
