We're exploring several options to display a document on an external link. One option is to modify safehtml.xml to allow displaying file links: < regexp name="fileURL" value="\\s*file:.*"/> I've tried modifying the xml on the webserver, restarted webserver.. and in runtime_ear.. and restarted JBOSS, but it seems either does not work. To test, I've deleted mailto in: FROM: <regexp name="offsiteURL" value="((\\s)*(s?(ht|f)tp(s?)://|mailto:)[\\p{L}\\p{N}]+[~\\p{L}\\p{N}._=$%&;\\-?/+#,!@:\$\$*[^\\\\u0000-\\\\u007f ]]*(\\s)*)"/>. TO: <regexp name="offsiteURL" value="((\\s)*(s?(ht|f)tp(s?)://)[\\p{L}\\p{N}]+[~\\p{L}\\p{N}._=$%&;\\-?/+#,!@:\$\$*[^\\\\u0000-\\\\u007f ]]*(\\s)*)"/> But modifying both locations still allows mailto: links to display on forms. Any suggestions on where I should be looking? FYI, a couple other options would entail not modifying this file. Still in the gathering data phase... Help appreciated!... OriginalPostID-117342 OriginalPostID-117342

We're exploring several options to display a document on an external link. O

peterk over 10 years ago

We're exploring several options to display a document on an external link. One option is to modify safehtml.xml to allow displaying file links: <
regexp name="fileURL" value="\\s*file:.*"/>

I've tried modifying the xml on the webserver, restarted webserver.. and in runtime_ear.. and restarted JBOSS, but it seems either does not work.

To test, I've deleted mailto in:
FROM: <regexp name="offsiteURL" value="((\\s)*(s?(ht|f)tp(s?)://|mailto:)[\\p{L}\\p{N}]+[~\\p{L}\\p{N}._=$%&;\\-?/+#,!@:\$\$*[^\\\\u0000-\\\\u007f ]]*(\\s)*)"/>.
TO: <regexp name="offsiteURL" value="((\\s)*(s?(ht|f)tp(s?)://)[\\p{L}\\p{N}]+[~\\p{L}\\p{N}._=$%&;\\-?/+#,!@:\$\$*[^\\\\u0000-\\\\u007f ]]*(\\s)*)"/>

But modifying both locations still allows mailto: links to display on forms. Any suggestions on where I should be looking?

FYI, a couple other options would entail not modifying this file. Still in the gathering data phase... Help appreciated!...

Discussion posts and replies are publicly visible

Parents

0 Eduardo Fuentes
Appian Employee
over 10 years ago

Can you try the following approach and see if it works?

1. Stop the application server
2. Create a copy of of runtime_ear\\suite.ear\\lib\\appian-security.jar and rename the copy to appian-security.OOB
3. Open appian-security.jar with any ZIP utility such as 7-zip and navigate to \\appian-security.jar\\resources\\appian\\security\\antisamy\\. Drag and drop your modified XML to this JAR and confirm you will be replacing the safehtml.xml in the JAR
4. Restart the application server and confirm if the solution worked.
5. Document this customization so you can repeat this procedure whenever you upgrade Appian
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Eduardo Fuentes
Appian Employee
over 10 years ago

Can you try the following approach and see if it works?

1. Stop the application server
2. Create a copy of of runtime_ear\\suite.ear\\lib\\appian-security.jar and rename the copy to appian-security.OOB
3. Open appian-security.jar with any ZIP utility such as 7-zip and navigate to \\appian-security.jar\\resources\\appian\\security\\antisamy\\. Drag and drop your modified XML to this JAR and confirm you will be replacing the safehtml.xml in the JAR
4. Restart the application server and confirm if the solution worked.
5. Document this customization so you can repeat this procedure whenever you upgrade Appian
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data