diff --git a/html/includes/common/notes.inc.php b/html/includes/common/notes.inc.php
index 02635bde5b..c25053abf9 100644
--- a/html/includes/common/notes.inc.php
+++ b/html/includes/common/notes.inc.php
@@ -35,9 +35,13 @@ if (defined('SHOW_SETTINGS') || empty($widget_settings)) {
 } else {
     $tmp_config = array(
         'HTML.Allowed'    => 'b,iframe,i,ul,li,h1,h2,h3,h4,br,p',
+        'HTML.AllowedAttributes'    => 'iframe@src,iframe@width,iframe@height',
+        'HTML.AllowedElements' => array('iframe'),
         'HTML.Trusted'    => true,
         'HTML.SafeIframe' => true,
+        'URI.SafeIframeRegexp' => '%^(https?:)?//%',
     );
     $common_output[] = display(nl2br($widget_settings['notes']), $tmp_config);
+    //print_r($common_output);exit;
     unset($tmp_config);
 }