From Setup, enter File Upload and Download Security in the Quick Find box, then select File Upload and Download Security. Click Edit. To prevent users from uploading files that can pose a security risk, select Don't allow HTML uploads as attachments or document records. This setting blocks the upload of these MIME file types: .html, .htt, .mht, .svg, .swf, .thtml, and .xhtml.
Click Edit.
To prevent users from uploading files that can pose a security risk, select Don't allow HTML uploads as attachments or document records.
This setting blocks the upload of these MIME file types: .html, .htt, .mht, .svg, .swf, .thtml, and .xhtml.