Notifications

1964 views

Description

HTML code in a catalog variable's help text field gets removed of onClick links.

Steps to Reproduce

  1. Create a catalog item.
  2. Create a variable.
  3. Enable Help Text on the variable.
  4. Insert html text containing two hyperlinks, for example:

    <B>To request an account for a single user, please enter the user name, department, email, phone, and company along with your reason for the request in the section below.<br>To request accounts for multiple users, an Excel file has been provided to you in this request. You will need to save this file locally, fill out the necessary information in the file and then attach it to this request by clicking on the paperclip icon below. </B>
    <a style="color: rgb(0, 102, 255);text-decoration:underline" href="get_file.do?name=externaluseracct_frm.xls" target="_blank">Click here to download the EXCEL file.</a>
    <br>
    <a onclick="saveCatAttachment(gel('sysparm_item_guid').value, 'sc_cart_item')">Attach Files here<a onclick="saveCatAttachment(gel('sysparm_item_guid').value, 'sc_cart_item')"><img title="Upload file now" width="16" height="16" border="0" src="images/icons/attachment.gifx"></img></a>

  5. Click Save.
  6. Click Try it.
  7. Expand More Information.
    The first link is clickable, but the second link for Attach File here is not clickable. The 
    onClick does not work properly.

Workaround

This is expected behavior. The HTML Sanitizer removes certain HTML tags based on the risk associated with them. Only white-listed tags are allowed to be embedded.

To use other tags, add them to the white list for the HTML Sanitizer.


Related Problem: PRB613582

Seen In

Eureka Patch 4 Hot Fix 1

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2018-10-09 16:15:16
Published:2015-02-20