[
https://issues.apache.org/jira/browse/OFBIZ-9664?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16608363#comment-16608363
]
Jacques Le Roux commented on OFBIZ-9664:
----------------------------------------
Thanks Sebastian,
I'll just add that people should be carefull with this workaround. Because it
removes some security in all other parts where sanitizer.permissive.policy is
used, ie where HtmlEncoder::sanitize is used. I explained it a bit more in
OFBIZ-10187
> OFBiz 16 migration - HTML content filtered
> -------------------------------------------
>
> Key: OFBIZ-9664
> URL: https://issues.apache.org/jira/browse/OFBIZ-9664
> Project: OFBiz
> Issue Type: Bug
> Components: content, ecommerce
> Affects Versions: 16.11.03
> Reporter: Sebastian Wachinger
> Priority: Minor
> Fix For: Trunk, 16.11.05
>
>
> Perhaps this is no bug, but a new feature: After migrating to OFBiz 16,
> content of type "Long Text" containing HTML is now displayed in the ecommerce
> shop frontend with certain attributes deleted, e.g. "class" and "id". Is
> there a config file to allow those attributes to be displayed?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
