Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

HREF tag getting removed if we add curly braces { }

Avatar

Level 2

In Text component if I write <a href="mailto:{{abc}}">{{abc}}</a> and click on done. 

I see value is stored correctly in CRX/DE but it is rendered as <a>{{userEmailAddress}}</a> on the Page.

I modified the text component with context = 'unsafe', now on page it comes up fine but as I open the dialog and view HTML source, HREF tag is removed.

If I write <a href="mailto:userEmailAddress">{{userEmailAddress}}</a> then everything is fine.

Is there any way I can stop the removal of HREF when I have curly braces { }.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @saurabhkaushik 

AEM removes certain code or character for XSS protection. Though "mailto" protocol maybe supported for anchor in a RTE, adding interpolation braces might get stripped off by aem. If your goal is to add the email to the href at runtime from js you might have to consider other options apart from text interpolation. But if you really want the interpolation braces in href then you will have to add rules in the xss config. Here is an article which might help you to add rules to XSS config.

http://www.sgaemsolutions.com/2019/12/hreftel-issue-for-international-numbers.html

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

Hi @saurabhkaushik 

AEM removes certain code or character for XSS protection. Though "mailto" protocol maybe supported for anchor in a RTE, adding interpolation braces might get stripped off by aem. If your goal is to add the email to the href at runtime from js you might have to consider other options apart from text interpolation. But if you really want the interpolation braces in href then you will have to add rules in the xss config. Here is an article which might help you to add rules to XSS config.

http://www.sgaemsolutions.com/2019/12/hreftel-issue-for-international-numbers.html