Content Fragment Editor - Links with Personalization token gets removed due to Antisamy protection rules
priyankpardiwala opened this issue · 4 comments
priyankpardiwala commented
Steps to reproduce
- Create a new Content Fragment
- Use Link Plugin to author a hyperlink containing personalization token. For example: <%= targetData.viewInBrowserLink %>
- Save CF.
- The Content Fragment gets saved as expected. We can also see the crx/de that the markup for CF shows the tag with personalization token in href.
- Re-edit the fragment.
- Notice that the link is completely removed by CF Editor.
We checked the logs and we see messages indicating that the links were removed due to XSS/Antisamy protection.
github-jira-sync-bot commented
bpauli commented
Hi @priyankpardiwala, I have forwarded this issue to the CF Admin team. Looks like the disableXSSFiltering
option needs to be set.
priyankpardiwala commented
Hi @bpauli - is this something that we can do on our end via some form of customization OR would this need to be part of a Service Pack or a hotfix?