Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
248 views
in Q2A Core by
I am using the Markdown editor and it seems that users on my site are able to post HTML in questions, comments, and answers. Is that a normal behavior ? Isn't it dangerous (XSS hacks) ? How can I disable it ?

Thanks
by
I suggest you use for questions and answers the "Basic Editor" and Q2A Embed  to videos and images https://github.com/NoahY/q2a-embed
 I think more Friendly and mild.
by
@Jonatan this is not a solution, I don't want to use the "Basic Editor", because there are some options (for code etc.) that we need and they are not in the Basic Editor. My question very simple: users on my site are able to post HTML in questions, comments, and answers. Is that a normal behavior ? Or is it dangerous ? I don't know if it is the normal behavior of Q2A or if some plugin have activated this option ..

1 Answer

–1 vote
by
yoursite.com/admin/posting   u can fix
by
I don't see on this page an option to disable the usage of HTML for answers/comments/questions. There is just an option that enable/disable a customized HTML message for answers/comments/questions. This is not what I want.
asked Aug 31, 2015 in Q2A Core by How to disable posting HTML
...