XSS Filter issue with the target attribute of the tag

Issue: Open in New Window feature of the hyperlink component doesn't work inside the RTE component

Solution: Declare the target attribute in the AntiSamy configuration file in CRXDE Light.

  1. Copy /libs/cq/xssprotection/config.xml to /apps/cq/xssprotection/config.xml.

  2. Open /apps/cq/xssprotection/config.xml.

  3. In the common-attributes section, add the following target attribute declaration.

    <attribute name="target>


       <regexp value="[a-zA-Z0-9-_\$]+" />



  4. Find the tag declaration by searching the term <tag name="a".

  5. Add the line below in the list of attributes:

    <attribute name="target" />

  6. Save the file. Now, the link will open in a new window if the option is selected.

Additional information

This issue occurs because the XSS filter trims the target attribute of the a element.


Obțineți ajutor mai rapid și mai ușor

Utilizator nou?