Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Antisamy error on AEM 6.5

Avatar

Level 1

RTE component

html being frame on java contains <svg> tag. The same is getting blocked by xss protection.

Error : org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.

 

I have already added <svg> tag and its attributes on config.xml.

Also overlayed it from /libs/cq/xssprotection/config.xml

<tag name="svg" action="validate">
<attribute name="width" />
<attribute name="height" />
<attribute name="role">
<regexp-list>
<regexp name="*"/>
</regexp-list>
</attribute>
<attribute name="xmlns">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<tag name="use" action="validate">
<attribute name="href" />
<attribute name="x">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="y">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="xmlns:link">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<attribute name="xlink:href">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
</tag>
</tag>

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor
1 Reply

Avatar

Correct answer by
Community Advisor