The HTML and Formatted Text widgets are extremely flexible but should be used carefully to ensure effective performant pages. These widgets are designed to display customized information on Overview places, including the Community home page. You can use them to embed all kinds of assets, including images.
This article also covers certain security limitations, performance impact, and widget security that are related to the HTML widgets.
Uploading Resources to a Widget
- You can use the Formatted Text and HTML widgets to upload up to 10 file resources per place. (Spaces can include any kind of files: Groups and Projects are limited to GIF, JPEG, PNG and BMP files.)
- Files you upload will be stored as part of your Community so you do not have to retrieve them from an external location, which can improve performance and saves you the trouble of hosting them elsewhere.
- You can then refer to these resources in any Formatted Text or HTML widget you have access to edit. For instructions, see Uploading Static Resources to a Widget.
Uploading resources is a good way to limit the performance impact of resource loading from your widgets: uploaded resources do not need to be authenticated on page load.
However, you will still want to consider user page loads when determining the number and content of widgets.
Managing HTML Widget Security
- To ensure security and prevent problems that can corrupt your pages and keep them from loading, any HTML widget code that calls a
<script>tag will be contained in an isolated iFrame. This is known as safe mode.
- If you want to include CSS or another styling in the widget, you can include it in the same location as your HTML code.
- In safe mode, you can still call the assets associated with the core Jive installation as follows:
<script src="/resources/scripts/jquery/jquery.js"></script> <link rel="stylesheet" href="/styles/jive.css" media="all">
- In previous versions, before the safe mode was implemented for widgets, it was possible for corrupted widget code to cause serious problems that affected the database.
- Widget upload access should be limited to users you trust. Because any social group owner can upload resources to these widgets, it is possible for users to make incorrect judgments about appropriateness and security, so make sure the group owners are carefully chosen.