Site options

Enable users to bypass XSS protection and add custom Javascript to a Site

HighQ has a list of supports to enable or to stop your users from adding scripts to the site. The HighQ support team has an option to switch off all access to all users, to completely stop any user from adding scripts to the site, please contact them for more information on this.
This option enables system administrators to give specific users the permission to add custom Javascript to a site, rather than give full access to all users.
Allowing a user to bypass XSS protection
To enable a user to bypass the XSS protection, navigate to your profile drop-down menu and select
System admin
:
The
System admin
 screen opens. Select
User admin
 in the left-hand panel:
In the
User administration
 page, search for the user you want to give this permission to, select the check box next to their name and select
Roles
:
The
Roles
 screen opens:
In the
Roles
 screen, select the
Allow user to bypass XSS protection
 checkbox and select
Save
. The selected user now has permission to add custom Javascript to a site.
Searching for users who have permission to bypass XSS protection
We have also introduced a search field to enable you to search for and list all users who have permission to bypass the XSS protection.
After navigating to the
User administration
 screen, as shown above, you will see a new search check box called
Users granted bypass of XSS protection
.
Select this check box and select
Search
, a list of all users within the instance that have this new permission opens.
Use this screen to search for and manage this permission for your users.

This article applies to:

  • Product: HighQ
  • Subject: Setup