To minimize this risk, by default Drupal restricts the code you can use in content. Joomla does exactly the same thing and you can read the solution for Joomla by clicking here.
The downside to this is that some common code isn't allowed. For example, most HTML is blocked by default. Here's how to allow those on your site by stopping Joomla from stripping out code.
Text Formats
By default, Drupal content is entered as "Filtered HTML". What does that mean? Drupal explains ...
- Web page addresses and e-mail addresses turn into links automatically.
- Allowed HTML tags:
- Lines and paragraphs break automatically.
So, in short, you only get twelve HTML tags out of hundreds of possibilites.
Click on the dropdown link and you'll get extra options:
Full HTML is described in this way:
- Web page addresses and e-mail addresses turn into links automatically.
- Lines and paragraphs break automatically.
Plain text is described in this way:
- No HTML tags allowed.
- Web page addresses and e-mail addresses turn into links automatically.
- Lines and paragraphs break automatically.
You can also to the Modules page and enable PHP filter:
This is described more simply:
- You may post PHP code. You should include tags.
How does this impact your content?
Let's see an example of how text filters impact your content. In this example we're adding a Google Map to our content.
If we save this page with Filtered HTML, the end result will look like the image below.
If we save this page with Full HTML, the end result will look like the image below.
Modifying the Text Filters
If the default settings aren't right for you, go to Configuration > Text format.
You'll see that different filters are set up for different user groups. For security reasons, anonymous users and authenticated users only get access to Filtered HTML.
Click on Configure next to any text filter to change the options:
