XSS Filter issue with the target attribute of the tag

검색
CQ 사용 안내서
적용 대상: CQ 5.6

某些 Creative Cloud 应用程序、服务和功能在中国不可用。

Issue: Open in New Window feature of the hyperlink component doesn't work inside the RTE component

Solution: Declare the target attribute in the AntiSamy configuration file in CRXDE Light.

  1. Copy /libs/cq/xssprotection/config.xml to /apps/cq/xssprotection/config.xml.

  2. Open /apps/cq/xssprotection/config.xml.

  3. In the common-attributes section, add the following target attribute declaration.

    <attribute name="target>

    <regexp-list>

       <regexp value="[a-zA-Z0-9-_\$]+" />

    </regexp-list>

    </attbribute>

  4. ind the a tag declaration by searching the term <tag name="a".

  5. Add the line below in the list of attributes:

    <attribute name="target" />

  6. Save the file. Now, the link will open in a new window if the option is selected.

참고:

Above Solution in form of packacge

Additional information

This issue occurs because the XSS filter trims the target attribute of the a element.