Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

How to use HTML sanitizer white list

miyu
Tera Guru

‎02-16-2022 04:25 PM

I want to whitelist the Notes protocol in html sanitizer.
I'm trying to implement it by referring to the following document, but I don't know how to do it.
I have edited Script Include as follows.

find_real_file.png
And I have entered the following in the HTML field I added to Incident.

find_real_file.png
However, it gets sanitized.

find_real_file.png
Is there a wrong way?

Preview file
10 KB
Preview file
14 KB
Preview file
8 KB
0 Helpfuls
  • 2,377 Views
2 REPLIES 2

Hitoshi Ozawa
Giga Sage

‎02-17-2022 06:39 PM

The problem is with the quotation mark in the <a> tag.

In the example, double quotation mark is “ while it should be ".

https://docs.servicenow.com/bundle/sandiego-platform-administration/page/administer/security/concept...

If the quotation mark is fixed, it will work as expected.

<p><a title="Lotus" href="Notes: //ABC/X575C90019DE33/ABC594DCB76D86EB4925653E0011C4C1/ZZ90B7E2D33964749257EEA003456FD" rel="nofollow">Lotus</a></p>

Execution result:

find_real_file.png

Preview file
4 KB

miyu
Tera Guru
In response to Hitoshi Ozawa

‎02-17-2022 10:04 PM

Thank you very much. It is no longer sanitized.
By the way, why can't I seem to go to the link destination when I click on the Lotus link I created?
I don't understand the behavior of the sanitized whitelist, so please tell me.

0 Helpfuls