HREF tag getting removed if we add curly braces { }

Question

In Text component if I write {{abc}} and click on done. I see value is stored correctly in CRX/DE but it is rendered as {{userEmailAddress}} on the Page.I modified the text component with context = 'unsafe', now on page it comes up fine but as I open the dialog and view HTML source, HREF tag is removed.If I write {{userEmailAddress}} then everything is fine.Is there any way I can stop the removal of HREF when I have curly braces { }.

JeevanRaj · Accepted Answer

Hi @saurabh_kaushik

AEM removes certain code or character for XSS protection. Though "mailto" protocol maybe supported for anchor in a RTE, adding interpolation braces might get stripped off by aem. If your goal is to add the email to the href at runtime from js you might have to consider other options apart from text interpolation. But if you really want the interpolation braces in href then you will have to add rules in the xss config. Here is an article which might help you to add rules to XSS config.

http://www.sgaemsolutions.com/2019/12/hreftel-issue-for-international-numbers.html

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded