Expand my Community achievements bar.

SOLVED

Alt text issue in links in RTE when alt text has a special character

Avatar

Level 2
Level 2
5/16/18 5:38:41 AM

Hi All,

In AEM 6.3 when i am trying to add special character in alt text field for a link in RTE, the hover functionality stops working and I don't see any alt text.When I have inspected <a> tag, I found that the title attribute from <a> tag is completely removed due to special character.Is there any way I can add special characters like '?',copyright in alt text.To render the RTE content to page I am using context as 'html' .

Thanks in advance.

Views

2.1K

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 7
Level 7
5/17/18 6:14:19 AM

Hi,

Instead of using @ context = 'unsafe', it's good to use AntiSamy configuration file in CRXDE light to handle your use-case.

We've tested your use-case and it got resolved after following the below steps:

1) Copy /libs/cq/xssprotection/config.xml to /apps/cq/xssprotection/config.xml.

2) Open /apps/cq/xssprotection/config.xml.

3) In the config.xml file, search for common-attributes and add the following target attribute declaration.

<attribute name="title">

     <regexp-list>

           <regexp value="[a-zA-Z0-9-_\$]+" />

      </regexp-list>

</attbribute>

4) Search for the term <tag name="a" in the config.xml file.

5) Add the line below in the list of attributes:

<attribute name="title" />

6) Save the file. Now, test your use-case and the issue should be resolved.

Sample output:

xss-output.png

You can also find above steps in adobe helpx docs:

XSS Filter issue with the target attribute of the a tag

Hope this helps!

Regards,

TechAspect Solutions

View solution in original post

Views

1.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Level 10
Level 10
5/16/18 6:08:13 AM

I do not think Special chars are supported in this use case.

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
5/17/18 1:00:57 AM

Is there any other way we can use special characters in alt text without using context as unsafe.

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
5/17/18 6:06:36 AM

NOt that I am aware of. I avoid using special chars as much as possible,

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 7
Level 7
5/17/18 6:14:19 AM

Hi,

Instead of using @ context = 'unsafe', it's good to use AntiSamy configuration file in CRXDE light to handle your use-case.

We've tested your use-case and it got resolved after following the below steps:

1) Copy /libs/cq/xssprotection/config.xml to /apps/cq/xssprotection/config.xml.

2) Open /apps/cq/xssprotection/config.xml.

3) In the config.xml file, search for common-attributes and add the following target attribute declaration.

<attribute name="title">

     <regexp-list>

           <regexp value="[a-zA-Z0-9-_\$]+" />

      </regexp-list>

</attbribute>

4) Search for the term <tag name="a" in the config.xml file.

5) Add the line below in the list of attributes:

<attribute name="title" />

6) Save the file. Now, test your use-case and the issue should be resolved.

Sample output:

xss-output.png

You can also find above steps in adobe helpx docs:

XSS Filter issue with the target attribute of the a tag

Hope this helps!

Regards,

TechAspect Solutions

Views

1.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply