RTE is stipping off the <form> tag in raw html.

Avatar

Avatar
Validate 1
MVP
Umesh_Thakur
MVP

Likes

158 likes

Total Posts

172 posts

Correct reply

58 solutions
Top badges earned
Validate 1
Applaud 25
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 1
MVP
Umesh_Thakur
MVP

Likes

158 likes

Total Posts

172 posts

Correct reply

58 solutions
Top badges earned
Validate 1
Applaud 25
Ignite 3
Ignite 1
Give Back 5
View profile
Umesh_Thakur
MVP

18-06-2020

Dera Members,

I have authored one row html in a dialog which is having <form> tag, but when we submit it, RTE actually striping off the form tag. like 

it converts 

<form method=“POST” action=“https://abc.com”>
                <input type =“hidden” name = “name” value = “xyz===="/>
    <input type=“submit” value=“Click here” />
</form>

 

to 

<input type="hidden" name="name" value="xyz===">

<input type="submit" value="Click here ">

 

I don know what can be solution of it, if any one is having any idea, please respond.

Thanks

Umesh Thakur 

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Give Back 50
Employee
berliant
Employee

Likes

207 likes

Total Posts

315 posts

Correct reply

98 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile

Avatar
Give Back 50
Employee
berliant
Employee

Likes

207 likes

Total Posts

315 posts

Correct reply

98 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile
berliant
Employee

18-06-2020

What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]

Answers (1)

Answers (1)

Avatar

Avatar
Level 1
sravs
Level 1

Likes

0 likes

Total Posts

7 posts

Correct reply

0 solutions
View profile

Avatar
Level 1
sravs
Level 1

Likes

0 likes

Total Posts

7 posts

Correct reply

0 solutions
View profile
sravs
Level 1

28-07-2021

Hi @Umesh_Thakur ,

 

Can you please explain What are the configurations you have done to resolve this issue. As I can see the form tag is already valid tag in xssprotection.xml.

sravs_0-1627475862553.png