Solved

RTE Plugin modifying HTML || Removing JS functions like onClick=""

Forum|Forum|6 years ago
February 19, 2019
5 replies
3655 views

RTE plugin is modifying my html content while using source edit option.

How to work around this ?

Is there any option to avoid this?

Thanks!

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by Gaurav-Behl

You'd need to overlay either or both based on how you've coded-

/libs/cq/xssprotection/config.xml
/libs/sling/xss/config.xml

Refer Re: links to ppt not working on OOB text component for detailed configurations. Allow those specific characters that are printed in the logs -

(

,

'

)

smacdonald2008

How is your HTML being modified? Can you please provide more details. Are you using AEM 6.4 and Touch UI?

Gaurav-Behl

check if you can find any AntiSamy or other related errors in error.log for this component/page?

S

sagarv13144480Author

Yes I am getting AntiSamy in logs

**** GET / org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The a tag contained an attribute that we could not process. The onclick attribute had a value of "openTab(event, 'All')". This value could not be accepted for security reasons. We have chosen to remove this attribute from the tag and leave everything else in place so that we could process the input.*****

Gaurav-BehlAccepted solution

You'd need to overlay either or both based on how you've coded-

/libs/cq/xssprotection/config.xml
/libs/sling/xss/config.xml

Refer Re: links to ppt not working on OOB text component for detailed configurations. Allow those specific characters that are printed in the logs -

(

,

'

)

S

sagarv13144480Author

Thanks a ton! Reference link was very helpful.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded