pass_content

pass_content
Type:boolean
Scope:Display

If set, then content from the field is directly outputted in the <input> section as value attribute. Otherwise, the content will be passed through htmlspecialchars().

Be careful to set this flag since it allows HTML from the field to be outputted on the page, thereby creating the possibility of XSS security holes.