I see antisamy configuration in 2 locations.
I was trying to add rule for custom tag for br tag. It worked only after I added rule to 2nd one. I would overlay the working one to apps, first tried locally in libs.
<tag name="br" action="validate"> <attribute name="aria-hidden"> <regexp-list> <regexp name="boolean"/> </regexp-list> </attribute> </tag>
Question is, what is the role of these two antisamy configuration locations, which one is correct location?
Solved! Go to Solution.
Feike, thanks for your reply. It works. I did a mistake in first place while trying to do it in libs for the first option. There were few spaces at the start of XML and policy file loader was not working. After removing those spaces it works. But I am not clear on the role of second location. It seems it works from both locations. Documentation doesn't talks much about second location.
There are two xss protection config files:
Sightly is using the second one, which means that you need to overlay it at path /apps/sling/xss/config.xml
Note:- What is worth mentioning is that new configuration seems to be applied only after restart of your aem instance.