Expand my Community achievements bar.

SOLVED

RTE is stipping off the <form> tag in raw html.

Avatar

Community Advisor

Dera Members,

I have authored one row html in a dialog which is having <form> tag, but when we submit it, RTE actually striping off the form tag. like 

it converts 

<form method=“POST” action=“https://abc.com”>
                <input type =“hidden” name = “name” value = “xyz===="/>
    <input type=“submit” value=“Click here” />
</form>

 

to 

<input type="hidden" name="name" value="xyz===">

<input type="submit" value="Click here ">

 

I don know what can be solution of it, if any one is having any idea, please respond.

Thanks

Umesh Thakur 

1 Accepted Solution

Avatar

Correct answer by
Employee
What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]

View solution in original post

2 Replies

Avatar

Correct answer by
Employee
What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]

Avatar

Community Advisor

Hi @Umesh_Thakur ,

 

Can you please explain What are the configurations you have done to resolve this issue. As I can see the form tag is already valid tag in xssprotection.xml.

sravs_0-1627475862553.png