Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

[AEM Gems Webinar] Accelerating Experience Manager as a Cloud Service development with Rapid Development Environments
SOLVED

Antisamy error on AEM 6.5

Avatar

Level 1

RTE component

html being frame on java contains <svg> tag. The same is getting blocked by xss protection.

Error : org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.

 

I have already added <svg> tag and its attributes on config.xml.

Also overlayed it from /libs/cq/xssprotection/config.xml

<tag name="svg" action="validate">
<attribute name="width" />
<attribute name="height" />
<attribute name="role">
<regexp-list>
<regexp name="*"/>
</regexp-list>
</attribute>
<attribute name="xmlns">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<tag name="use" action="validate">
<attribute name="href" />
<attribute name="x">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="y">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="xmlns:link">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<attribute name="xlink:href">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
</tag>
</tag>

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor
0 Replies

Avatar

Correct answer by
Community Advisor