Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Antisamy error on AEM 6.5

pingi
Level 1
Level 1

RTE component

html being frame on java contains <svg> tag. The same is getting blocked by xss protection.

Error : org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.

 

I have already added <svg> tag and its attributes on config.xml.

Also overlayed it from /libs/cq/xssprotection/config.xml

<tag name="svg" action="validate">
<attribute name="width" />
<attribute name="height" />
<attribute name="role">
<regexp-list>
<regexp name="*"/>
</regexp-list>
</attribute>
<attribute name="xmlns">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<tag name="use" action="validate">
<attribute name="href" />
<attribute name="x">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="y">
<regexp-list>
<regexp name="number"/>
</regexp-list>
</attribute>
<attribute name="xmlns:link">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
<attribute name="xlink:href">
<regexp-list>
<regexp name="anything"/>
</regexp-list>
</attribute>
</tag>
</tag>

 

1 Accepted Solution
Arun_Patidar
Correct answer by
Community Advisor
Community Advisor
2 Replies
Arun_Patidar
Correct answer by
Community Advisor
Community Advisor
pingi
Level 1
Level 1
I have overlayed /libs/cq/xssprotection only. Thank you