Using Anti Sammy plugin

留言板

David Weitzel，修改在7 年前。

Using Anti Sammy plugin

Junior Member 帖子: 65 加入日期: 15-10-7 最近的帖子

Not sure this is the right forum but seems it should get visibility.
If I install the Anisammy plugin (for 6.2 EE) will all POST requests with HTML or text fields be scanned independent of the source portlet?
In other words do I have to add this explicitly to my portlet or once installed does it get done site wide?
I cannot see where the scanning is done within the core code for say Journal Content.addArticle() for example so am thinking it is done during request handling?

David H Nebinger，修改在7 年前。

RE: Using Anti Sammy plugin

Liferay Legend 帖子: 14917 加入日期: 06-9-2 最近的帖子

If you check the code for updateArticle() in JournalArticleLocalServiceImpl, you'll see it calls out to format() which is a protected method and, in that method, the SanitizerUtil.sanitize() method is called to sanitize incoming content.

So it is a manual effort, you would need to invoke the same SanitizerUtil.sanitize() methods in the similar way. Note that you can invoke the util method whether Antisamy is installed or not.

Come meet me at the LSNA!