You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@sling.apache.org by Jens Lauterbach <je...@netcentric.biz> on 2016/10/06 10:53:54 UTC

AntiSamy - Namespaced tags

Hello,

I am currently trying to modify the "anti-samy-rules” that are used by org.apache.sling.xss.* to allow for tags that are “namespaced” (for lack of a better description):

<myNamespace:myTag [attributes…]>

So far I was not able to get that working. I tried the following “tag” definitions:

<tag name="myNamespace:myTag" action="validate”/> <!— naive approach —>
<tag name=“myNamespace\:myTag" action="validate”/> <!— trying to escape the : —>
<tag name="myNamespace&#58;myTag" action="validate”/> <!— trying to encode the : —>

The result of the first tag definition is the following exception:

java.lang.RuntimeException: Unable to scan input
    at org.apache.sling.xss.impl.HtmlToHtmlContentContext.filter(HtmlToHtmlContentContext.java:71)

The other two don’t seem to work at all. My tag is removed completely from the HTML.

To test my basic approach I removed the namespace from the tag and changed the tag definition which worked smoothly:

<myTag [attributes…]>
<tag name="myTag" action="validate”/>

Any ideas how I might be able to solve this?

Best regards
Jens

Jens Lauterbach | Software Engineer
Netcentric Deutschland GmbH
M: +49 160 3374121
jens.lauterbach@netcentric.biz| www.netcentric.biz
Other disclosures according to § 35a GmbHG, § 161, 125a HGB: www.netcentric.biz/imprint.html