How to make xss config file as content editable?
Solved! Go to Solution.
Views
Replies
Total Likes
Kishore,
I am not certain if I understand your question, however, please refer to document [1] which states the OOTB XSS config file.
Your team would overlay the item /libs/cq/xssprotection/config.xml
to /apps/cq/xssprotection/config.xml
Make your changes to the overlaid file.
Please detail the intended use-case and requirements for us to be able to assist further.
Regards,
Lisa
[1] Security
Kishore,
I am not certain if I understand your question, however, please refer to document [1] which states the OOTB XSS config file.
Your team would overlay the item /libs/cq/xssprotection/config.xml
to /apps/cq/xssprotection/config.xml
Make your changes to the overlaid file.
Please detail the intended use-case and requirements for us to be able to assist further.
Regards,
Lisa
[1] Security
Hi lisah,
Our team had done overlay in apps folder. However is it possible to make it as a content editable (means making as dialogs and saving it should update in xss config. Xml)
Views
Replies
Total Likes
You need to overlay this file [1] under the /apps directory via CRXDE:
[1] /libs/cq/xssprotection/config.xml
See related doc here: Security
Instructions:
1. Go to http://{aemhost}/crx/de/index.jsp
2. Browse to /libs/cq/xssprotection/config.xml and right-click the file then select Copy
3. (Skip this step in 6.4 and later versions) Go to /apps and if it doesn't already exist, create the same folder structure usinig sling:Folder type /apps/cq/xssprotection. Select the Access Control tab and allow sling-xss user jcr:read access to this folder. If the folder already existed then this access is likely already granted.
4. Right-click /apps/cq/xssprotection and select Paste. That creates an overlay / copy of the file [1].
5. This new copy of the file under /apps overrides the one from the /libs folder. You can now make edits to it and add this file to your application deployment package.
See this documentation for how to manage overlays in AEM: Overlays
Hi Kishore,
There is no ability to edit the xml file via dialogs. However, there shouldn't be need to edit the configuration so often. Antisamy xml format supports regular expressions. That makes it so you can define complex rules.
More details can be found here:
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project
Views
Likes
Replies