Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

RTE Dialog Source Edit - Content with HTML Tags rendered

gargrohan
Level 2
Level 2

Hi All,

 

I have a component in AEM with a property that's Rich Text enabled using sling:resourceType - cq/gui/components/authoring/dialog/richtext

The component is working correctly in edit mode for Source Edit. The HTML tags render the content enter correctly.

However, as soon as I click ok and come to Edit/Preview screen - The content comes with HTML tags (like <h6>Hello, Rohan</h6>)

 

So the source edit works correctly when configuring content but the html tags do not get removed in edit/preview mode.

 

I have attached 3 screenshots showing the same. I can send the xml of the dialog if required.  Image 1 - Source Edit ModeImage 1 - Source Edit ModeImage 2 - Normal Edit Mode outside Source EditImage 2 - Normal Edit Mode outside Source EditImage 3 - Component in HeadquartersImage 3 - Component in Headquarters

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

6.5
1 Accepted Solution
Vishalverma
Correct answer by
Level 2
Level 2

Are you using sightly? If yes then have you used context='html' while rendering e.g. 

<div>${properties.richText @ context='html'}</div>

View solution in original post

9 Replies
berliant
Employee
Employee

What's stripping the custom tags is XSS filter, which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.

 

You need to allow the custom tags in RTE.

Please check http://experience-aem.blogspot.com/2015/05/aem-6-sp2-handling-custom-protocol-in-link-href-in-rte.ht...

gargrohan
Level 2
Level 2
I am not using any custom tags in RTE, only standard
gargrohan
Level 2
Level 2
Hi @berliant, thanks for your quick reply. I am not using any custom tags in RTE, only standard
berliant
Employee
Employee
If the tag is not allowed in XSS filter you have to add it.
gargrohan
Level 2
Level 2
Hi @berliant, thanks for your quick reply. I am not using any custom tags in RTE, only standard HTML tags. I downloaded the RTE Component Zip file from Adobe's documentation and that's working correctly with the same basic HTML tags..
gargrohan
Level 2
Level 2
The tag is allowed in XSS Filter. Here's the entry below:- <!-- All formatting tags --> <tag name="h1" action="validate"/> <tag name="h2" action="validate"/> <tag name="h3" action="validate"/> <tag name="h4" action="validate"/> <tag name="h5" action="validate"/> <tag name="h6" action="validate"/> <tag name="p" action="validate"> <attribute name="align"/> </tag>
gargrohan
Level 2
Level 2
@berliant thanks for your help ! The problem was not with XSS Filter. It was at Sightly end. I had converted the resourceType from text to richtext without incorporating context changes in Sightly. Thanks for your time & help.
Vishalverma
Correct answer by
Level 2
Level 2

Are you using sightly? If yes then have you used context='html' while rendering e.g. 

<div>${properties.richText @ context='html'}</div>

View solution in original post

gargrohan
Level 2
Level 2
Hi Vishal, Thanks for pointing this out. I had convert the component from text to rich-text without making change in sightly. Thanks for your help !