Antisamy error on AEM 6.5 | Community
Skip to main content
P
pingi
June 7, 2021
Solved

Antisamy error on AEM 6.5

  • June 7, 2021
  • 1 reply
  • 2539 views

RTE component

html being frame on java contains <svg> tag. The same is getting blocked by xss protection.

Error : org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.

 

I have already added <svg> tag and its attributes on config.xml.

Also overlayed it from /libs/cq/xssprotection/config.xml

<tag name="svg" action="validate">
<attribute name="width" />
<attribute name="height" />
<attribute name="role">
<regexp-list>
<regexp name="*"/>
</regexp-list>
</attribute>
<attribute name="xmlns">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<tag name="use" action="validate">
<attribute name="href" />
<attribute name="x">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="y">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="xmlns:link">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<attribute name="xlink:href">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
</tag>
</tag>

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

arunpatidar
Community Advisor
arunpatidarCommunity AdvisorAccepted solution
Community Advisor
June 7, 2021

Hi,

Please check this https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/libs-cq-xssprotection-config-xml-vs-libs-sling-xss-config-xml/td-p/240567

Arun Patidar
    P
    pingiAuthor
    June 7, 2021
    I have overlayed /libs/cq/xssprotection only. Thank you
    Terms & ConditionsAccessibility statement

    Loading footer...