Goal
When adding Custom Tags via Sling Models or Use Pojos, without overlaying the Anti Samy rules and add the tags in /apps/cq/xssprotection/config.xml, you should see the following in error.log...
org.apache.sling.xss.impl.XSSFilterImpl Detected policy file change (CHANGED) at /apps/cq/xssprotection/config.xml. Updating policy handler.
org.apache.sling.xss.impl.XSSFilterImpl Installed policy from /apps/cq/xssprotection/config.xml.
GET /content/home.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The tv3-tooltip tag has been filtered for security reasons. The contents of the tag will remain in place.
GET /content/home.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The span tag contained an attribute that we could not process. The slot attribute has been filtered out, but the tag is still in place. The value of the attribute was "source".
No Custom Tags in AntiSamy...
CREF Board of Trustees
Custom Tags in AntiSamy
CREF Board of Trustees
Solution
1) Create the Pojo /apps/eaem-anti-samy-model/components/basic-render-component/ExperienceAEMModel.java
package apps.eaem_anti_samy_model.components.basic_render_component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.annotation.PostConstruct;
public class ExperienceAEMModel {
private static final Logger log = LoggerFactory.getLogger(ExperienceAEMModel.class);
public String getHtml() {
return "" +
"CREF Board of Trustees" +
"
" + ""; } } 2) Create the component render script /apps/eaem-anti-samy-model/components/basic-render-component/basic-render-component.html
Please use this thread to ask the related questions.
Views
Replies
Total Likes