You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ofbiz.apache.org by Ingo Wolfmayr <in...@wolfix.at> on 2015/02/19 17:58:45 UTC

ProductCategory LongDescription entity values

Hi All,

I try to add HTML text (formated) into the longDescription field of ProductCategory like: <p>lorem ipsum</p> When I do so it get the following error message:
"In field [longDescription] less-than (<) and greater-than (>) symbols are not allowed."

I have tried to trace it back to the line of code where the validation takes place, but could not find it. Can someone help me find the responsible line of code to be able to deactivate it for the longDescription of the ProductCategories.

I am using 13.04

Thanks,
Ingo

AW: ProductCategory LongDescription entity values

Posted by Ingo Wolfmayr <in...@wolfix.at>.

Thanks, found it.

Ingo

Mag. Ingo Wolfmayr
Wolfix Solutions e.U.
Mozartstraße 4
5282 Ranshofen
Telefon: +43 (0) 772262269
Mobil: +43 (0) 664 2549626
Web: www.wolfix.at
E-Mail: kontakt@wolfix.at


-----Ursprüngliche Nachricht-----
Von: Jacques Le Roux [mailto:jacques.le.roux@les7arts.com] 
Gesendet: Donnerstag, 19. Februar 2015 23:34
An: user@ofbiz.apache.org
Betreff: Re: ProductCategory LongDescription entity values

I guess you mean 12.04 or 13.07. Anyway in this case it does not matter.

You need to allow this parameter to pass, use allow-html="any"
for the description parameter in the definition of the service used (you might need to override this attribute)

Note that this allows for possible XSS hijacking, depending on your UI. Normally not a worry in an intranet...

Jacques


Le 19/02/2015 17:58, Ingo Wolfmayr a écrit :
> Hi All,
>
> I try to add HTML text (formated) into the longDescription field of ProductCategory like: <p>lorem ipsum</p> When I do so it get the following error message:
> "In field [longDescription] less-than (<) and greater-than (>) symbols are not allowed."
>
> I have tried to trace it back to the line of code where the validation takes place, but could not find it. Can someone help me find the responsible line of code to be able to deactivate it for the longDescription of the ProductCategories.
>
> I am using 13.04
>
> Thanks,
> Ingo
>

Re: ProductCategory LongDescription entity values

Posted by Jacques Le Roux <ja...@les7arts.com>.

I guess you mean 12.04 or 13.07. Anyway in this case it does not matter.

You need to allow this parameter to pass, use
allow-html="any"
for the description parameter in the definition of the service used (you might need to override this attribute)

Note that this allows for possible XSS hijacking, depending on your UI. Normally not a worry in an intranet...

Jacques


Le 19/02/2015 17:58, Ingo Wolfmayr a écrit :
> Hi All,
>
> I try to add HTML text (formated) into the longDescription field of ProductCategory like: <p>lorem ipsum</p> When I do so it get the following error message:
> "In field [longDescription] less-than (<) and greater-than (>) symbols are not allowed."
>
> I have tried to trace it back to the line of code where the validation takes place, but could not find it. Can someone help me find the responsible line of code to be able to deactivate it for the longDescription of the ProductCategories.
>
> I am using 13.04
>
> Thanks,
> Ingo
>