Risky preferences

Some of Tiki's preferences are quite powerful (and thus dangerous) and should be used only by experts. These risky preferences are disabled and hidden by default, since Tiki 22 and only the system administrator can make them visible through Tiki's system configuration file.

Introduced in Tiki22

This addresses CVE-2020-29254

These are the preferences marked as risky:

feature_editcss
feature_edit_templates
feature_purifier
smarty_security_functions
smarty_security_modifiers
smarty_security_dirs
tiki_allow_trust_input

List Slides

Export PDF

Handouts

Exit Slideshow

Risky preferences Some of Tiki's preferences are quite powerful (and thus dangerous) and should be used only by experts. These risky preferences are disabled and hidden by default, since Tiki 22 and only the system administrator can make them visible through Tiki's system configuration file. Introduced in Tiki22 This addresses CVE-2020-29254 These are the preferences marked as risky: feature_editcss feature_edit_templates feature_purifier smarty_security_functions smarty_security_modifiers smarty_security_dirs tiki_allow_trust_input

Risky preferences

Enable/Show risky preferences

Set Specific Risky Prefs in tiki.ini