Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-11265

Getting policy error while editing html text data using cms

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 17.12.01, 18.12.01
    • None
    • None

    Description

      Service parameter with allow-html="safe" does not check the OWASP sanitizer flag ie. enabled or not and perform sanitization which causing policy error while editing text data

      getting following exception error:

      "In field [textData] by our input policy, your input has not been accepted for security reason. Please check and modify accordingly, thanks."

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            jleroux Jacques Le Roux
            pradeep.choudhary1994 Pradeep Choudhary
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment