Uploaded image for project: 'Magnolia UI'
  1. Magnolia UI
  2. MGNLUI-7422

Configure default SafeHtmlValidatorDefinition to support globallyAllowedAttributes

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Done
    • Icon: Neutral Neutral
    • 6.2.26
    • 6.2.22
    • None
    • Yes
    • Yes
    • Nucleus 22
    • 3

      Currently customers facing difficulties when using RichText Editor due to our newly introduced Global Validators - SafeHtmlValidatorDefinition.
      Customer need to decorate "/ui-framework-core/config.yaml" to allow some basic attributes such as "class" and "style" for mostly usage tags such as "p" and "h1,h2,h3,h4".

      Please improve this by adding as much as possible tags and attributes that does not an attack vector for XSS.
      Customer don't want to "workaround" in this case due to overlapping of the workaround and future improvement. Also applying any "workaround" would bear with it the maintenance costs from customers side.

      There were expectations to made this natively supported by us.
      Expected result:
      High frequently usage tags and attributes should have been in place in "/ui-framework-core/config.yaml" for normal usage.

        Acceptance criteria

              thien.quach Quach Hao Thien
              viet.nguyen Viet Nguyen
              Nucleus
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 4d 4.5h
                  4d 4.5h