You need to sign in to do that
Don't have an account?
admintrmp
Displaying HTML and passing security risks
We have a field where the user can submit HTML (needs to be HTML, not the rich text field). We want to be able to display this HTML as a preview to what they might see when it's sent in an email.
How can we display the HTML in the page (an iframe) in a way that will be acceptable to the Salesforce security team? If we use outputText with the escape attribute set to false, we will come across some security failures so this is no good to us.