Contents Now Platform Administration Previous Topic Next Topic Configure HTML sanitizer Subscribe Log in to subscribe to topics and get notified when content changes. ... SAVE AS PDF Selected Topic Topic & Subtopics All Topics in Contents Share Configure HTML sanitizer You must modify a script include to make configuration changes to the HTML sanitizer. Before you beginRole required: admin Procedure Navigate to System Definition > Script Includes. Open HTMLSanitizerConfig. To add items to the black list, use the HTML_BLACKLIST class. To add items to the white list, use the HTML_WHITELIST class. Use this format: HTML_XXXXLIST :{ globalAttributes :{ attribute:[attribute-name1,...], attributeValuePattern:{ attribute-name2:attribute-value-regex-pattern,...} },<html-element-name>:{// Same as Above},----} globalAttributes contains attribute or attributeValuePattern items that are applicable globally for all the HTML elements. attribute is a comma-separated list of attributes. attributeValuePattern is a dictionary of attribute to attribute-value-regex-pattern pairs. The attribute-value-regex-pattern is a regular expression which has to match the attribute value. Example Consider the following example: HTML_WHITELIST:{ globalAttributes:{ attribute:["id","name"],}, img:{ attribute:["style","align"], attributeValuePattern:{src:".*jpeg"}}, iframe:{},} It adds the following items to the white list: The global attributes id and name. This is a list of strings that can be applied globally to all the elements. The img element where the attributes are style and align. The img element where the source attribute of the image is a file with the .jpeg extension. This is an example of a regular expression pattern that matches an attribute value. The iframe element. On this page Send Feedback Previous Topic Next Topic
Configure HTML sanitizer You must modify a script include to make configuration changes to the HTML sanitizer. Before you beginRole required: admin Procedure Navigate to System Definition > Script Includes. Open HTMLSanitizerConfig. To add items to the black list, use the HTML_BLACKLIST class. To add items to the white list, use the HTML_WHITELIST class. Use this format: HTML_XXXXLIST :{ globalAttributes :{ attribute:[attribute-name1,...], attributeValuePattern:{ attribute-name2:attribute-value-regex-pattern,...} },<html-element-name>:{// Same as Above},----} globalAttributes contains attribute or attributeValuePattern items that are applicable globally for all the HTML elements. attribute is a comma-separated list of attributes. attributeValuePattern is a dictionary of attribute to attribute-value-regex-pattern pairs. The attribute-value-regex-pattern is a regular expression which has to match the attribute value. Example Consider the following example: HTML_WHITELIST:{ globalAttributes:{ attribute:["id","name"],}, img:{ attribute:["style","align"], attributeValuePattern:{src:".*jpeg"}}, iframe:{},} It adds the following items to the white list: The global attributes id and name. This is a list of strings that can be applied globally to all the elements. The img element where the attributes are style and align. The img element where the source attribute of the image is a file with the .jpeg extension. This is an example of a regular expression pattern that matches an attribute value. The iframe element.
Configure HTML sanitizer You must modify a script include to make configuration changes to the HTML sanitizer. Before you beginRole required: admin Procedure Navigate to System Definition > Script Includes. Open HTMLSanitizerConfig. To add items to the black list, use the HTML_BLACKLIST class. To add items to the white list, use the HTML_WHITELIST class. Use this format: HTML_XXXXLIST :{ globalAttributes :{ attribute:[attribute-name1,...], attributeValuePattern:{ attribute-name2:attribute-value-regex-pattern,...} },<html-element-name>:{// Same as Above},----} globalAttributes contains attribute or attributeValuePattern items that are applicable globally for all the HTML elements. attribute is a comma-separated list of attributes. attributeValuePattern is a dictionary of attribute to attribute-value-regex-pattern pairs. The attribute-value-regex-pattern is a regular expression which has to match the attribute value. Example Consider the following example: HTML_WHITELIST:{ globalAttributes:{ attribute:["id","name"],}, img:{ attribute:["style","align"], attributeValuePattern:{src:".*jpeg"}}, iframe:{},} It adds the following items to the white list: The global attributes id and name. This is a list of strings that can be applied globally to all the elements. The img element where the attributes are style and align. The img element where the source attribute of the image is a file with the .jpeg extension. This is an example of a regular expression pattern that matches an attribute value. The iframe element.