Sanitizing non HTML field

PavelP
Mega Sage

We are trying to sanitize feedback from a web page that is coming into a Comment field (string). The documentation mentions the html_sanitize attribute can be used on all fields to fix that; however, even after activating the attribute in the dictionary, the field still triggers unwanted code.

Am I missing some steps, or will it be necessary to change the format of the field?

Thanks for your help.

1 ACCEPTED SOLUTION

Alex Cox
ServiceNow Employee

Hi Pavel,

I played around in my dev instance a bit and I believe the documentation may be incorrect - specifically the part that it can be on any kind of field.  When I went into the dictionary entry for a string field and added the html_sanitize attribute - the record for the html_sanitize attribute itself explicitly stated that it is only applicable to HTML and Translated HTML fields in the "Applies to description" field.

I'll pass this discrepancy along as a Problem on HI. Either way - one of the two areas is incorrect.

In any event, I might suggest using a Business Rule to parse that field as it is updated, and remove any undesired tags.

Best of luck!

Alex
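One way to implement the Business Rule suggested in the accepted answer, shown as an added example that is not part of the original thread and not ServiceNow's own code. The function names and the `u_comment` field name are hypothetical, and the example assumes the string field is later rendered somewhere as HTML, so anything left after tag removal is also entity-encoded.

```javascript
// Added example. Written in ES5-style JavaScript so the same functions can be
// pasted into a server-side script; nothing here calls a ServiceNow API.

// Matches complete tags, closing tags, comments and doctype declarations.
var TAG_RE = /<\/?[a-zA-Z!][^<>]*>/g;

// Remove tags repeatedly until the text stops changing. A single pass is not
// enough: removing an inner tag can join the surrounding fragments into a
// new tag.
function stripTags(text) {
  var prev;
  do {
    prev = text;
    text = text.replace(TAG_RE, '');
  } while (text !== prev);
  return text;
}

var ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;'
};

// Encode whatever survives stripping (for example an unclosed "<img ..."
// fragment) so it is displayed as text instead of being parsed as markup.
function encodeText(text) {
  return text.replace(/[&<>"']/g, function (ch) { return ENTITIES[ch]; });
}

function sanitizeComment(value) {
  if (value === null || value === undefined) {
    return '';
  }
  return encodeText(stripTags(String(value)));
}

// In a "before" insert/update Business Rule the call would look like this
// (u_comment is a hypothetical field name):
//
//   (function executeRule(current, previous) {
//       current.u_comment = sanitizeComment(current.u_comment);
//   })(current, previous);
```

Because the stored value is entity-encoded, apply this only to fields whose content is rendered as HTML; a field that is already escaped on output would show the entities literally.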


6 REPLIES

Alex Cox
ServiceNow Employee

Hey there,

I don't know if you will be able to see it but I've just created PRB1313624 for this issue!

Best regards,

Alex

Any results? :)
Thank you in advance

Simon