SVG Tag - no getting saved in Rich Text

Avatar

Avatar
Ignite 1
Level 2
JaganK
Level 2

Likes

4 likes

Total Posts

6 posts

Correct reply

0 solutions
Top badges earned
Ignite 1
Give Back
Boost 3
Boost 1
View profile

Avatar
Ignite 1
Level 2
JaganK
Level 2

Likes

4 likes

Total Posts

6 posts

Correct reply

0 solutions
Top badges earned
Ignite 1
Give Back
Boost 3
Boost 1
View profile
JaganK
Level 2

25-01-2018

Hi,

We are developing a plug-in for Rich Text Editor (RTE) Component.

The plug-in will insert a <svg> tag (to display images for bullet points).

The issue is that, when we close the plug-in after entering necessary content, the <svg> tag is present in RTE, but on final closure of the RTE, the <svg> tag gets removed.

Is there a way to enable it for RTE, so that RTE does not remove it?

Platform - AEM 6.3 (so TouchUI)

Thanks in advance.

Regards,

Jagan K

Replies

Avatar

Avatar
Validate 25
Level 10
smacdonald2008
Level 10

Likes

1,409 likes

Total Posts

12,671 posts

Correct reply

2,278 solutions
Top badges earned
Validate 25
Validate 10
Validate 1
Give back 900
Give back 600
View profile

Avatar
Validate 25
Level 10
smacdonald2008
Level 10

Likes

1,409 likes

Total Posts

12,671 posts

Correct reply

2,278 solutions
Top badges earned
Validate 25
Validate 10
Validate 1
Give back 900
Give back 600
View profile
smacdonald2008
Level 10

01-02-2018

We will check with our Touch UI experts

Avatar

Avatar
Give Back
Level 1
joanneh66541898
Level 1

Likes

0 likes

Total Posts

1 post

Correct reply

0 solutions
Top badges earned
Give Back
View profile

Avatar
Give Back
Level 1
joanneh66541898
Level 1

Likes

0 likes

Total Posts

1 post

Correct reply

0 solutions
Top badges earned
Give Back
View profile
joanneh66541898
Level 1

14-03-2018

Hi,

We have the same question as it's come up in the current project.

The svg HTML looks something like the following in the RTE as it is entered:

<div class="xxx">

<svg class="icon" focusable="false">

<use href="images/svg/sprite.symbol.svg#icons--icon_check_circle" xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="images/svg/sprite.symbol.svg#icons--icon_check_circle"></use>

</svg> TEXT HERE

</div>

AEM 6.3 SP1 Touch UI. Has there been any update or response? Thanks.

Avatar

Avatar
Give Back 3
Level 1
saryus12413976
Level 1

Like

1 like

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Give Back 3
Give Back
Ignite 1
Validate 1
Boost 1
View profile

Avatar
Give Back 3
Level 1
saryus12413976
Level 1

Like

1 like

Total Posts

10 posts

Correct reply

0 solutions
Top badges earned
Give Back 3
Give Back
Ignite 1
Validate 1
Boost 1
View profile
saryus12413976
Level 1

21-03-2018

smacdonald2008 Is there an update on this issue? Thank you.

Avatar

Avatar
Give Back 50
Employee
Kunwar
Employee

Likes

65 likes

Total Posts

253 posts

Correct reply

72 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile

Avatar
Give Back 50
Employee
Kunwar
Employee

Likes

65 likes

Total Posts

253 posts

Correct reply

72 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 10
View profile
Kunwar
Employee

21-03-2018

Do you see any antisamy warning the logs once you try to save the RTE dialog ? Can you share the log trace here ?

Avatar

Avatar
Validate 1
Level 3
robinsonm
Level 3

Likes

6 likes

Total Posts

50 posts

Correct reply

3 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 1
Level 3
robinsonm
Level 3

Likes

6 likes

Total Posts

50 posts

Correct reply

3 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile
robinsonm
Level 3

04-01-2019

Any updates on this? Our group is looking to utilize this exact capability, and running into the same issue.

Avatar

Avatar
Give Back
Level 1
udaybpatel
Level 1

Likes

0 likes

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Give Back
View profile

Avatar
Give Back
Level 1
udaybpatel
Level 1

Likes

0 likes

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Give Back
View profile
udaybpatel
Level 1

11-04-2020

11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The svg tag has been filtered for security reasons. The contents of the tag will remain in place.
11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The defs tag has been filtered for security reasons. The contents of the tag will remain in place.
11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The g tag has been filtered for security reasons. The contents of the tag will remain in place.
11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The g tag has been filtered for security reasons. The contents of the tag will remain in place.
11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The g tag has been filtered for security reasons. The contents of the tag will remain in place.
11.04.2020 13:37:28.215 *INFO* [0:0:0:0:0:0:0:1 [1586637448208] GET /content/teaser.html HTTP/1.1] org.apache.sling.xss.impl.HtmlToHtmlContentContext AntiSamy warning: The g tag has been filtered for security reasons. The contents of the tag will remain in place.

Avatar

Avatar
Give Back
Level 1
udaybpatel
Level 1

Likes

0 likes

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Give Back
View profile

Avatar
Give Back
Level 1
udaybpatel
Level 1

Likes

0 likes

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Give Back
View profile
udaybpatel
Level 1

11-04-2020

Is there an update on this? We are trying to resolve this issue with RTE 

Avatar

Avatar
Give Back 5
Level 2
rafcap
Level 2

Likes

3 likes

Total Posts

13 posts

Correct reply

0 solutions
Top badges earned
Give Back 5
Boost 3
Boost 1
Give Back 3
Validate 1
View profile

Avatar
Give Back 5
Level 2
rafcap
Level 2

Likes

3 likes

Total Posts

13 posts

Correct reply

0 solutions
Top badges earned
Give Back 5
Boost 3
Boost 1
Give Back 3
Validate 1
View profile
rafcap
Level 2

11-06-2021

any updates on this? I have the same issue

Avatar

Avatar
Establish
Level 4
kchaurasiya
Level 4

Likes

63 likes

Total Posts

57 posts

Correct reply

8 solutions
Top badges earned
Establish
View profile

Avatar
Establish
Level 4
kchaurasiya
Level 4

Likes

63 likes

Total Posts

57 posts

Correct reply

8 solutions
Top badges earned
Establish
View profile
kchaurasiya
Level 4

11-06-2021

Hi JaganK,

As long as you are using OOTB API's , the code will be XSS protected.If you are using anything custom, you can overlay below file under /apps and make the necessary changes.

 

Whenever we add the custom Attributes/Property in rte it gets removed custom attributes once dialog is submitted. For this i think we have to make a entry inside the xssprotection config file. You can navigate to OOTB xssprotection config file path (http://localhost:4502/crx/de/index.jsp#/libs/cq/xssprotection/config.xml) but do not change inside this directly. You can copy and paste it inside the "/apps/cq" path and try to add the custom attributes whichever is getting removed while submitting the dialog. Just see the attribute entry in below snapshot for the reference.

kchaurasiya_0-1623411432182.png

 

I think this issue we usually face in AEM version 6.3 and 6.4. and going forward this is resolved in AEM 6.5 , As no need to make a entry in xssprotection file. Please try this and let me know.

Thank You. Good day..!!