If I had an overlay of of the AntiSamy config file at /apps/cq/xssprotection/config.xml, could I adjust it to allow random data attributes specified by authors? I see it uses regular expressions to validate attribute values, but can I use a regular expression to validate an attribute name? For example, say an author wanted a div to have a data attribute with a name that ended in random letters like:
<div data-author-xbqmuwzkcsa="somevalue"></div>
Is there a way to allow random attribute names like that in the AntiSamy config?
Solved! Go to Solution.
Views
Replies
Total Likes
This topic was raised in an internal discussion at my company where there is a desire to use HTML5 "data-" attributes without having to wire each one into the AntiSamy config.xml. This use case was once publicly discussed in a non-AEM project at https://jira.sakaiproject.org/browse/KNL-1007 . I was just wondering if this is currently possible with AEM AntiSamy.
Views
Replies
Total Likes
Are you following an online doc topic for this. Can you point the community to your source of information for this use case.
Views
Replies
Total Likes
https://helpx.adobe.com/experience-manager/kb/target-attribut-issue-tag.html
https://docs.adobe.com/docs/en/aem/6-2/develop/security.html
There's not a tremendous amount of documentation and the antisamy project hasn't been developed since 2013.
Views
Replies
Total Likes
This topic was raised in an internal discussion at my company where there is a desire to use HTML5 "data-" attributes without having to wire each one into the AntiSamy config.xml. This use case was once publicly discussed in a non-AEM project at https://jira.sakaiproject.org/browse/KNL-1007 . I was just wondering if this is currently possible with AEM AntiSamy.
Views
Replies
Total Likes
Views
Likes
Replies
Views
Like
Replies