Question

XSSSanitize with login.html page (that comes by default when choosing production for security)

0

Hello! Please, how can I use XSSSanitize action from community commons on the default html login page?

asked 2023-10-26

Maryam LAQLII

1 answers

Bob van Heijster · Answer 1 · 2023-10-26

Hi Maryam,

What are you trying to achieve? The XSS Sanitize is being used to remove HTML tags from a string value. This is for example used when you have a string value including HTML tags and you want to get rid of the HTML tags by adding the defined policies.

As stated on the docs:

XSSSanitize – This removes all the potentially dangerous HTML from a string so that it can be safely displayed in a browser. This function should be applied to all HTML, which is displayed in the browser and can be entered by (untrusted) users.

You want to do this f.e. when there is a rich text editor field and you want to have the core value without the rich text.

If you just want to adjust the html code of the login.html file you can do that in your app explorer folder.