RTE is stipping off the <form> tag in raw html.

Avatar

TUmesh

18-06-2020

Dera Members,

I have authored one row html in a dialog which is having <form> tag, but when we submit it, RTE actually striping off the form tag. like 

it converts 

<form method=“POST” action=“https://abc.com”>
                <input type =“hidden” name = “name” value = “xyz===="/>
    <input type=“submit” value=“Click here” />
</form>

 

to 

<input type="hidden" name="name" value="xyz===">

<input type="submit" value="Click here ">

 

I don know what can be solution of it, if any one is having any idea, please respond.

Thanks

Umesh Thakur 

Accepted Solutions (0)

Answers (1)

Answers (1)

Avatar

berliant

Employee

18-06-2020

What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]