RTE component
html being frame on java contains <svg> tag. The same is getting blocked by xss protection.
Error : org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.
I have already added <svg> tag and its attributes on config.xml.
Also overlayed it from /libs/cq/xssprotection/config.xml
<tag name="svg" action="validate">
<attribute name="width" />
<attribute name="height" />
<attribute name="role">
<regexp-list>
<regexp name="*"/>
</regexp-list>
</attribute>
<attribute name="xmlns">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<tag name="use" action="validate">
<attribute name="href" />
<attribute name="x">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="y">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="xmlns:link">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<attribute name="xlink:href">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
</tag>
</tag>
Solved! Go to Solution.
Views
Replies
Total Likes
Hi,
Please check this https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/libs-cq-xssprotection-conf...
Hi,
Please check this https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/libs-cq-xssprotection-conf...
Views
Replies
Total Likes
Views
Likes
Replies