Quick links: Content - sections - sub sections
EN FR

By default, jForms has some security check. HTML Builders of jforms escape content during the display, to avoid some security issues like Cross Site scriptings.

It supports also protection against CSRF. This protection don't allow the submission of the form from an origin other than your application. However, if you want to allow any web sites to submit data to your form, you can disable this protection. To do it, put an attribute allowAnyOrigin="true" on the <form> element. You can also change the securityLevel property on your form object. It can take one of this two value:

  • jFormsBase::SECURITY_CSRF to enable the CSRF protection (default value)
  • jFormsBase::SECURITY_LOW to disable it