Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

RTE is stipping off the <form> tag in raw html.

Umesh_Thakur
Community Advisor
Community Advisor

Dera Members,

I have authored one row html in a dialog which is having <form> tag, but when we submit it, RTE actually striping off the form tag. like 

it converts 

<form method=“POST” action=“https://abc.com”>
                <input type =“hidden” name = “name” value = “xyz===="/>
    <input type=“submit” value=“Click here” />
</form>

 

to 

<input type="hidden" name="name" value="xyz===">

<input type="submit" value="Click here ">

 

I don know what can be solution of it, if any one is having any idea, please respond.

Thanks

Umesh Thakur 

1 Accepted Solution
berliant
Correct answer by
Employee
Employee
What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]

View solution in original post

2 Replies
berliant
Correct answer by
Employee
Employee
What's stripping the custom tags is XSS filter [0], which is based on OWASP AntiSamy. You can find and customize the configuration for it under /libs/cq/xssprotection/config.xml. There you can add rules to allow your custom tag.
Also, check if this article helps [1]
 
[0]
[1]

View solution in original post

sravs
Level 1
Level 1

Hi @Umesh_Thakur ,

 

Can you please explain What are the configurations you have done to resolve this issue. As I can see the form tag is already valid tag in xssprotection.xml.

sravs_0-1627475862553.png