Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

[RTC 6.0.6]HTML widget don't use scriptcode by sanitize

Questions
Tags
Users
Badges
HIROAKI JOSAKO
(47430) Mar 25 '20, 9:23 p.m.

Upgrading RTC from ver5.0. 2 to ver6.0. 6 has made it more difficult than ever for HTML widget code to be sanitized.
Project area information, documentation, site maps, and workflows were represented using stylesheetscript and SVG.
The inability to do this hinders information visibility, user communication, and education.
Is there any code that can be used instead?
Please tell me about the reference wiki.

0 votes

Comments
Ian Wark
Mar 27 '20, 2:33 a.m.

Are you able to explain a little bit more about what issue you are encountering with regard to sanitizing HTML widget code? Does the code work? Is it just that there is a security risk with some parts of the new code allowing dangerous characters? If you could explain in more detail, then someone on the forum may be able to provide guidance.

HIROAKI JOSAKO
Mar 30 '20, 4:58 a.m.

detail at this SC
TS003512386

The code has been removed.
example
<style type = "text / css">
h1 {border-bottom: double 5px # FFC778} h2 {margin: 20px}
</ style>
Graphics using SVG tag

We recognize that it is not possible to implement an alternative on HTML in the SC's response.
If you have any ideas, please introduce them.

0 answers
1,031 views
0 votes

Be the first one to answer this question!

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 12,023

Question asked: Mar 25 '20, 9:23 p.m.

Question was seen: 1,031 times

Last updated: Mar 30 '20, 4:58 a.m.

Confirmation Cancel Confirm