All Versions
- DSpace 7.x (Current Release)
- DSpace 8.x (Unreleased)
- DSpace 6.x (EOL)
- DSpace 5.x (EOL)
- More Versions...
Unreleased Documentation
This documentation is unreleased and still in development. It may describe features which are not yet released in DSpace.
Looking for another version? See all documentation
A few features of the user interface, such as the deposit license text & some metadata fields, can be marked up using a subset of HTML. This HTML subset is defined by Angular, as we use Angular's "[innerHtml]" property to display these HTML-based fields.
Angular automatically sanitizes any HTML passed to "[innerHtml]" in order to avoid XSS attacks. See Angular docs at https://angular.io/guide/security#preventing-cross-site-scripting-xss
At this time, Angular does NOT have a formal reference of elements/attributes which are allowed, but we've compiled a list below of currently known acceptable elements. This list may change in later releases of Angular, but is currently maintained in Angular's "html_sanitizer.ts": https://github.com/angular/angular/blob/main/packages/core/src/sanitization/html_sanitizer.ts
As of the writing of this page, these HTML5 elements may be used:
Not all DSpace fields support HTML, but the User Interface should make it clear which fields do. When adding HTML to a field, you should not create a complete HTML document (surrounded with "<html>" tags). Just add an HTML fragment.