Adobe Experience Manager Sites & More

carolynr5682886 · 1/14/19

Hi,

I have a problem with the OOB text component not publishing the links to pps, ppsx or pps assets within the DAM on a page.

Currently when I add a link to the ppt, ppsx or pps assets in the DAM via the text component it does not keep the link to the asset in the DAM and returns an empty <a href> on the page like so:

The text component is OOB using sightly on an AEM 6.2 instance.

I've made sure that the ppt, ppsx and pps files have been published, can be accessed through the browser by the DAM link and is not showing as a broken link within the text component on my page. Also I have gone to my instance https://<server_name>/system/console/mimetypes and found the mimetype associated to the ppt, pps and pps.

Example here:

How can I get the OOB text component to keep the links to the ppt, pps and pps dam assets?

smacdonald2008 · 1/14/19

How are you getting the links - are you using PathFinder from a dialog?

smacdonald2008 · 1/14/19

The above component that has links should be an HTL component that has text and a line for links so ppl can click it to download the asset.

carolynr5682886 · 1/15/19

Yes Scott, I am using the pathfinder to grab the ppt, ppsx or pps assets from the dam to create the link.

I am also using the OOB text component that calls this text.js

All of the other examples I have on the page using the OOB text component allow the user to download the respective asset from the DAM. The other examples of assets from the DAM are the following: zip, .doc, .docx, .xlsx, .xls, .pptx, pps

Here is an example of the .doc working:

carolynr5682886 · 1/15/19

Also please see the text component itself:

Gaurav-Behl · 1/15/19

change the context to 'unsafe' from 'html' and test if it works?

"${text.context == 'unsafe'}" rather than "${text.context == 'html'}"

If it works fine with unsafe then it's an issue with XSS/Antisamy policy configurations which you can override appropriately.

carolynr5682886 · 1/15/19

I've changed: "${text.context == 'unsafe'}" in the component to now be this:

<p data-sly-use.text="text.js" data-sly-unwrap="${text.context == 'unsafe'}" class="${text.cssClass}" data-emptytext="Text">${text.text @ context=text.context}</p>

</span>

However, the links to ppsx and ppt are still empty.

<a>Download Link</a>

Gaurav-Behl · 1/15/19

does this ppt, ppsx have any scripts/embedded objects inside it which could be considered as unsecure by RTE/AEM?

do you see any errors/warnings in error.log file?

carolynr5682886 · 1/15/19

ah! yes.

15.01.2019 09:54:07.155 *INFO* [10.223.42.151 [1547574847149] GET /author/content/NVEnergy/en/test-2/file-test/jcr:content/content/columncontrol/col-cntrl-1/columncontrol_1784891259/col-cntrl-2/text_copy_copy.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The a tag contained an attribute that we could not process. The href attribute had a value of "/content/dam/nvenergy/brochures_arch/test-2/MPB_Sponsor Slide 2_2018.ppt". This value could not be accepted for security reasons. We have chosen to remove this attribute from the tag and leave everything else in place so that we could process the input.

How do I correct/handle this so that the warning does not occur?

carolynr5682886 · 1/15/19

Is the place to make the corrections found here?

/libs/cq/xssprotection/config.xml
/libs/sling/xss/config.xml

Gaurav-Behl · 1/15/19

Yes, overlay it to /apps folder and make the changes in

/apps/sling/xss/config.xml

carolynr5682886 · 1/15/19

Done, Is this the correct change?

<regexp-list>

</regexp-list>

</attbribute>

Gaurav-Behl · 1/15/19

this attribute must be within <a> tag definition

include forward slash and a dot as it is present in your target link along with underscore

[a-zA-Z0-9-_/\.$]

carolynr5682886 · 1/15/19

I have made this change on this file /apps/sling/xss/config.xml :

<regexp-list>

</regexp-list>

</attribute>

<literal-list>

</literal-list>

</attribute>

<attribute name="target">

<regexp-list>

<regexp value="[a-zA-Z0-9-_/\$]+" />

</regexp-list>

</attribute >

</tag>

But nothing has changed, it still returns the error in the log and the href is blank. Does the authoring instance need to be restarted? Or am I missing a step?

Gaurav-Behl · 1/15/19

Could you check the error.log again or try with a different link?

"/content/dam/nvenergy/brochures_arch/test-2/MPB_Spon sor Slide 2_2018.ppt".

/ = slash

. = dot

- = hyphen

_ = underscore

dot is still missing in regex

carolynr5682886 · 1/16/19

The ppt works now that I have linked it to another file and added the . into the regex. ppsx is not working but I believe once I have another example from the client it should be solved. Thank you for the help.

smacdonald2008 · 1/16/19

I am glad that you have it working.

kautuk_sahni · 1/15/19

I am not very clear with your questions. What do you mean by "adding links to the PPT", is it links to the text? How are you adding these links?

Adobe Experience Manager Sites & More

links to ppt not working on OOB text component

Kautuk Sahni

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe