[MGNLUI-7422] Configure default SafeHtmlValidatorDefinition to support globallyAllowedAttributes Created: 15/Aug/22 Updated: 07/Nov/22 Resolved: 02/Nov/22 |
|
| Status: | Closed |
| Project: | Magnolia UI |
| Component/s: | None |
| Affects Version/s: | 6.2.22 |
| Fix Version/s: | 6.2.26 |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Viet Nguyen | Assignee: | Quach Hao Thien |
| Resolution: | Done | Votes: | 1 |
| Labels: | RichTextField, VN-Analysis | ||
| Σ Remaining Estimate: | Not Specified | Remaining Estimate: | Not Specified |
| Σ Time Spent: | 4d 4.5h | Time Spent: | 3d 4.5h |
| Σ Original Estimate: | Not Specified | Original Estimate: | Not Specified |
| Issue Links: |
|
||||||||||||||||||||||||||||||
| Sub-Tasks: |
|
||||||||||||||||||||||||||||||
| Template: | |||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||||||||
| Release notes required: |
Yes
|
||||||||||||||||||||||||||||||
| Documentation update required: |
Yes
|
||||||||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||||||||
| Epic Link: | richTextField HTML validation | ||||||||||||||||||||||||||||||
| Sprint: | Nucleus 22 | ||||||||||||||||||||||||||||||
| Story Points: | 3 | ||||||||||||||||||||||||||||||
| Team: | |||||||||||||||||||||||||||||||
| Description |
|
Currently customers facing difficulties when using RichText Editor due to our newly introduced Global Validators - SafeHtmlValidatorDefinition. Please improve this by adding as much as possible tags and attributes that does not an attack vector for XSS. There were expectations to made this natively supported by us. |