Adobe Experience Manager Sites & More

View profile · 09-09-2020

I'm using the RTE in our text component and have found I cannot add an aria-describedby attribute in an a tag.

For example, in the RTE, I'm using the HTML editor to try to add:

<a href="https://www.google.com" aria-describedby="test-id">TEST</a>

For some reason, the aria-describedby attribute is being stripped out. Does anyone know why this might be happening and how to fix it?

alistairp781078 · ‎10-09-2020

Hi @alistairp781078

Have you checked if aria-describedby tag is whitelisted in xssprotection.

AEM uses XSS (Cross Site Scripting) protection to prevent attackers to inject code into web pages viewed by other users, is based on AntiSamy Java library provided by OWASP.

If the tags are not whitelisted, tags will be stripped off while rendering.

To fix the issue,

1.Navigate to /libs/cq/xssprotection/config.xml

2.overlay the file under apps.

3.Add the below code.

<regexp-list>

</regexp-list>

</attribute>

</tag>

Above code will allow the aria-describedby attribute inside anchor tag. This should fix your issue.

You can refer to below documents to understand in depth.

https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/security.html#ProtectagainstCr...

https://helpx.adobe.com/experience-manager/kb/target-attribute-issue-tag.html

Adobe Experience Manager Sites & More

Adding aria-describedby in RTE not working

Accepted Solutions (1)

Accepted Solutions (1)

Answers (0)

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe