• State Verified Answer
  • Replies 8 replies
  • Subscribers 18 subscribers
  • Views 1248 views
  • Users 0 members are here
Options

Link scrubbing to same domain as community?

starksk

I'm seeing a strange behaviour in version 11.1.1.9982 that I'm sure is probably a setting somewhere that I haven't located.

My community URL is a subdomain of the larger company domain (eg: community.myCompany.com)

If I either reply to a forum thread or create a new forum thread and create a link (<a> tag) to content on the main company domain (e.g.: www.myCompany.com/somewhere/somepage) the <a> tag is scrubbed on the Post action.

If I create a link off site (e.g: www.google.com) the <a> tag remains.

This shouldn't be a permissions thing as it occurs with a full admin account as well.

What am I missing?



Added version number (11.1.1.9982)
[edited by: starksk at 4:47 PM (GMT 0) on Wed, Feb 26 2020]
Parents
  • 0

    Will you add that domain the whitelist in Administration -> Moderation -> Content Filtering -> Allowed Hosts. There are several checks on urls, one of which is to see if its resolving internally (potential SSRF attempt) and if so, it will strip it out.

  • 0 in reply to Kevin Cunningham

    I did add the domain to the whitelist (which caused the site to restart on save FYI) but that did not resolve the issue.

  • 0 in reply to starksk

    The link is stripped on save, not render so any content that was subject to this will have the text only still. Did you retest with new content after the save?

  • 0 in reply to Kevin Cunningham

    Yes, I expected the previous content to have been stripped, so I retested after the save with new replies and a new thread. Same results.

  • +1 in reply to starksk

    did you include www (per your example)? if so you'll need two entries, one with and one without. Note: The preview within the editor (Tools -> Preview) can be used to test without actual posting.

  • 0 in reply to Kevin Cunningham

    I did not (as the example on page had stripped the preceding data) but after including www, it does now work.

    Are wildcards allowed in this field so all subdomains could be included without explicit entries (e.g.: *.mycompany.com)?

Reply
  • 0 in reply to Kevin Cunningham

    I did not (as the example on page had stripped the preceding data) but after including www, it does now work.

    Are wildcards allowed in this field so all subdomains could be included without explicit entries (e.g.: *.mycompany.com)?

Children

About
Privacy Policy
Terms of use
Copyright 2024 Verint, Inc.
Powered by Verint Community