1. Knowledge Base
  2. Security & Infrastructure

Script Attack Protection: Protected Areas

This article shares areas of the Builder that are whitelisted when enabling Script Attack Protection in your Knack app's settings.

The below locations are those where Script Attack Protection is applied (when the protection is enabled). Entering non-whitelisted code into any of these areas will not be stored.

These tags and attributes (whitelist) are still allowed in the protected locations below.


Protected Builder Areas

These areas are protected on all apps, regardless of the security setting.


  • Name
  • Slug


  • Name


  • Name
  • Default Values
  • Formatting

Page (scene)

  • Name


  • Name
  • Title
  • Description
  • Label
  • "Reload Form" text
  • "Submit" button text
  • "No Data" text
  • Links
  • Groups
  • Columns
  • Field inputs