XSD Viewer
XS: documentation
The xs:documentation is currently only rendered by the table macro. The images do not include the documentation.
The proper way to include html is by including an html namespace:
<code xmlns="http://www.w3.org/1999/xhtml">source code</code>
The add-on supports the use of html inside xs:documentation elements. For security reasons the html is sanitized to reduce the risk for cross site forgery attacks.
The following tags are stripped from the html:
  • script
  • noscript
  • iframe
  • frameset
  • frame
  • noframes
  • head
  • title
  • base
  • style
  • link
  • input
  • textarea
The other tags are validated and possibly stripped. For example <a href=""> is checked for sane urls using these regular expressions:
  • on site URLS: "([\p{L}\p{N}\p{Zs}/\.\?=&\-~])+"
  • off site URLS: "(\s)((ht|f)tp(s?)://|mailto:)[~a-zA-Z0-9-_\[email protected]\#\$%&amp;;:,\?=/\!\(\)](\s)*"
Should you have a use case to make this configurable / disable it, let us know!
Copy link