It has been over 2 years and multiple times I have asked for a solution (messages to support) to non admin ability to use Iframe code in posts. As an admin it works just find but for all others it does not; the code works until you submit the post and it disappears.
If admin are given permissions to use it then why is there not a option in permissions for other select membership levels?
I have check permissions support gave me to check and they were active. So what gives?
Comments
I would be very careful with allowing users to post iframes indiscriminately. it I an opportunity for phishing attacks, malware distribution, etc. For example, an attacker could make a page with a login form looking just like the one on your site, embed it in a post, and make it look like login is required to see the post. It may trick quite a few people to reveal their passwords.
if you know of a website that has a custom iframe allowed for public posting, please share and we will review.
Can't anyone that is logged in add an iFrame via the code editor in the new/edit post? That is how I have been embedding YouTube videos, here is a post https://speir.tv/view-post/hardwell-azteck-and-alex-hepburn-unite I was wondering why it was not easier to embed a YouTube video.