x

Main chapters

  1. LimeSurvey Cloud vs LimeSurvey CE
  2. LimeSurvey Cloud - Quick start guide
  3. LimeSurvey CE - Installation
  4. How to design a good survey (Guide)
  5. Getting started
  6. LimeSurvey configuration
  7. Introduction - Surveys
  8. View survey settings
  9. View survey menu
  10. View survey structure
  11. Introduction - Questions
  12. Introduction - Question Groups
  13. Introduction - Surveys - Management
  14. Survey toolbar options
  15. Multilingual survey
  16. Quick start guide - ExpressionScript
  17. Advanced features
  18. General FAQ
  19. Troubleshooting
  20. Workarounds
  21. License
  22. Version change log
  23. Plugins - Advanced
 Actions

Translations

Translations:Global settings/9/en

From LimeSurvey Manual

Security

  • Survey preview only for administration users: By default, the preview of inactive surveys is restricted only to authenticated. If you set this to 'No', any person can test your survey using the survey URL – without logging in to the administration and without having to activate the survey first
  • Filter HTML for XSS: It is turned 'on' by default. They will not be authorized to use dangerous HTML tags in their survey/group/question/labels texts (JavaScript code, for instance). The idea behind this is to prevent a survey operator to add a malicious script to get his permissions raised on your system. However, if you want to use any JavaScript in your surveys, you will need to switch this off (specific scripts for video hosting platforms can be used).
 Hint: The super admins never have their HTML filtered when saved or on public survey view. To see the effects of XSS filtering, it is advised to use a regular user account.
  Warning : With XSS enabled, some parts of the expression manager system cannot be used: see XSS and ExpressionScript.


Retrieved from "http://www.limesurvey.org/manual/index.php?title=Translations:Global_settings/9/en&oldid=175673"