XSS Filter issue with the target attribute of the tag

Suchen
CQ Benutzerhandbuch
Gilt für: CQ 5.6

某些 Creative Cloud 应用程序、服务和功能在中国不可用。

Issue: Open in New Window feature of the hyperlink component doesn't work inside the RTE component

Solution: Declare the target attribute in the AntiSamy configuration file in CRXDE Light.

  1. Copy /libs/cq/xssprotection/config.xml to /apps/cq/xssprotection/config.xml.

  2. Open /apps/cq/xssprotection/config.xml.

  3. In the common-attributes section, add the following target attribute declaration.

    <attribute name="target>

    <regexp-list>

       <regexp value="[a-zA-Z0-9-_\$]+" />

    </regexp-list>

    </attbribute>

  4. Find the tag declaration by searching the term <tag name="a".

  5. Add the line below in the list of attributes:

    <attribute name="target" />

  6. Save the file. Now, the link will open in a new window if the option is selected.

Hinweis:

Above Solution in form of packacge

Additional information

This issue occurs because the XSS filter trims the target attribute of the a element.

Dieses Werk unterliegt den Bedingungen der Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.  Twitter™- und Facebook-Beiträge fallen nicht unter die Bedingungen der Creative Commons-Lizenz.

Rechtliche Hinweise   |   Online-Datenschutzrichtlinie