Yves63
October 29, 2025, 7:05am
1
When I insert a HREF like <a target=“_blank” href=", the _blank is removed after saving.
In Version 2023 I had two possibilities to solve the problem:
Advance Settings –> Remove xss
put this in Page_Load server event of Add Page and/or Edit Page:
Has been discussed in
Hi
When I insert
Web: Website
in a textfield, phpmaker deletes the target=’ _blank’ and makes:
Web: Website
In 2026 I cannot find xss in Advanced Settings anymore.
I cannot access “Code (Server, Events, Client Scripts and Custom Templates)”.
Has been discussed here:
Save project file in OneDrive - PHPMaker / General Discussion (PHPMaker) - hkvstore.com forums
I dont want to change any configuration in OneDrive as this is quite sensitive.
Is there a configuration in Advanced Settings, which i can use ?
arbei
October 29, 2025, 7:49am
2
Since v2024 you may use RemoveXSS Extension to set a field as Raw so HTML will be kept intact (not sanitized by HTMLPurifier).
Yves63
October 29, 2025, 8:21am
3
removeXSS in Extensions is active.
I cannot access code (Server Events, Clients, Client Scripts and custom templates).
Ultimately, the lack of interaction with OneDrive causes important functionalities not to work.
arbei
October 29, 2025, 12:51pm
5
You may want to use the “Classic” code editor for now first.