HTML Sanitization removes target=_blank from URL

0
We have a news module where people with certain rights can enter news. We use the rich text editor, so it is more basic. You can paste hyperlinks in this editor and it gives automatically target=”_blank”, what we want. But when we save we check with the community commons XSSSanitive javascript whether there is unwanted HTML code in the string. We added LINKS so links woud be enabled, but this script changes the target=”_blank” to rel=”nofollow”. We want the url to open in a new tab, but that's not going to happen right now. Does anyone know what I can do within the javascript or Mendix to get the URL to open in a new tab?   Thanks in advance!
asked
3 answers
1

Not sure if a html snippet “widget” would be helpful to put on the Display page, as you can use Jquery option inside the widget to remove the “rel” attribute then add the “target” attribute on the desired links .

Regards.

 

 

answered
2

Hello Lisa,

Have you tried out the different policies in the XSSSanitise Java action? 

It might be that another policy might suit your needs.

Hope this helps.

answered
1

Use htmlsnippet widget and have the following javascript snippet inside it.

window.open(encodeURI('https://www.google.com/'),'_system','transition=fliphorizontal');

answered