I would expect 'styleToken' or 'styleString' to work here (I always get these two mixed up), but if they are both not working then you should be fine to use 'unsafe' as long as you are sure this is not user-inputted data from end-users. From your example it looks like this may be authored, so you sh...

Can you try with ${bgImage @ context='unsafe'} ? This should hopefully rule out any issues with accessing that property.

There is a syntax error with your expression: url('${bgImage @ context='styleToken'}');Remove the outer single quotes. It should look like this: url(${bgImage @ context='styleToken'});

HTL (Sightly) applies XSS protection to your script by default. You can specify a context to tell HTL this value can be safely rendered in this context. In your case, you need to specify the styleToken context so that this HTL expression is evaluated and rendered in the CSS style context.Use this in...

I recently joined an AEM project that uses Bootstrap Grid for the site layout. Custom components have been developed to control/author nearly every aspect of the bootstrap grid elements. Authors can place a container on the page, rows in that container, and columns in those rows. It is a mess of nes...