ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ingo Wolfmayr <ingo.wolfm...@wolfix.at>
Subject AW: ProductCategory LongDescription entity values
Date Mon, 23 Feb 2015 23:23:02 GMT
Thanks, found it.


Mag. Ingo Wolfmayr
Wolfix Solutions e.U.
Mozartstraße 4
5282 Ranshofen
Telefon: +43 (0) 772262269
Mobil: +43 (0) 664 2549626
Web: www.wolfix.at
E-Mail: kontakt@wolfix.at

-----Ursprüngliche Nachricht-----
Von: Jacques Le Roux [mailto:jacques.le.roux@les7arts.com] 
Gesendet: Donnerstag, 19. Februar 2015 23:34
An: user@ofbiz.apache.org
Betreff: Re: ProductCategory LongDescription entity values

I guess you mean 12.04 or 13.07. Anyway in this case it does not matter.

You need to allow this parameter to pass, use allow-html="any"
for the description parameter in the definition of the service used (you might need to override
this attribute)

Note that this allows for possible XSS hijacking, depending on your UI. Normally not a worry
in an intranet...


Le 19/02/2015 17:58, Ingo Wolfmayr a écrit :
> Hi All,
> I try to add HTML text (formated) into the longDescription field of ProductCategory like:
<p>lorem ipsum</p> When I do so it get the following error message:
> "In field [longDescription] less-than (<) and greater-than (>) symbols are not
> I have tried to trace it back to the line of code where the validation takes place, but
could not find it. Can someone help me find the responsible line of code to be able to deactivate
it for the longDescription of the ProductCategories.
> I am using 13.04
> Thanks,
> Ingo

View raw message