Using Anti Sammy plugin

掲示板

7年前に David Weitzel によって更新されました。

Using Anti Sammy plugin

Junior Member 投稿: 65 参加年月日: 15/10/07 最新の投稿

Not sure this is the right forum but seems it should get visibility.
If I install the Anisammy plugin (for 6.2 EE) will all POST requests with HTML or text fields be scanned independent of the source portlet?
In other words do I have to add this explicitly to my portlet or once installed does it get done site wide?
I cannot see where the scanning is done within the core code for say Journal Content.addArticle() for example so am thinking it is done during request handling?

7年前に David H Nebinger によって更新されました。

RE: Using Anti Sammy plugin

Liferay Legend 投稿: 14919 参加年月日: 06/09/02 最新の投稿

If you check the code for updateArticle() in JournalArticleLocalServiceImpl, you'll see it calls out to format() which is a protected method and, in that method, the SanitizerUtil.sanitize() method is called to sanitize incoming content.

So it is a manual effort, you would need to invoke the same SanitizerUtil.sanitize() methods in the similar way. Note that you can invoke the util method whether Antisamy is installed or not.

Come meet me at the LSNA!