Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to use HTML sanitizer white list

miyu
Tera Guru

‎02-16-2022 04:25 PM

I want to whitelist the Notes protocol in html sanitizer.
I'm trying to implement it by referring to the following document, but I don't know how to do it.
I have edited Script Include as follows.

find_real_file.png
And I have entered the following in the HTML field I added to Incident.

find_real_file.png
However, it gets sanitized.

find_real_file.png
Is there a wrong way?

Preview file
10 KB
Preview file
14 KB
Preview file
8 KB
0 Helpfuls
  • 1,753 Views
2 REPLIES 2

Hitoshi Ozawa
Giga Sage
Giga Sage

‎02-17-2022 06:39 PM

The problem is with the quotation mark in the <a> tag.

In the example, double quotation mark is “ while it should be ".

https://docs.servicenow.com/bundle/sandiego-platform-administration/page/administer/security/concept...

If the quotation mark is fixed, it will work as expected.

<p><a title="Lotus" href="Notes: //ABC/X575C90019DE33/ABC594DCB76D86EB4925653E0011C4C1/ZZ90B7E2D33964749257EEA003456FD" rel="nofollow">Lotus</a></p>

Execution result:

find_real_file.png

Preview file
4 KB

miyu
Tera Guru
In response to Hitoshi Ozawa

‎02-17-2022 10:04 PM

Thank you very much. It is no longer sanitized.
By the way, why can't I seem to go to the link destination when I click on the Lotus link I created?
I don't understand the behavior of the sanitized whitelist, so please tell me.

0 Helpfuls