Extension point sanitizer
Documentation
Specify the types of documents and fields to sanitize.
The following example configures just based on field names:
<sanitizer name="foo">
<field>note</field>
<field>comment:text</field>
</sanitizer>
The following specifies that only the note field of the Note type will be sanitized:
<sanitizer name="foo">
<type>Note</type>
<field>note</field>
</sanitizer>
The following example disables a sanitizer:
<sanitizer enabled="false" name="default"/>
Sanitizing can also be enabled on a field only if a field has a given value. This is useful when the same document field can contain text, html or wiki markup. For a webpage, you may want to only sanitize the webpages that are using HTML. Here is an example configuration.
<sanitizer name="foo">
<field filter="webp:isRichtext" filterValue="true">webp:content</field>
</sanitizer>
In this example the field webp:content will be sanitized only when the String representation of the webp:isRichtext is "true".
If you want to not sanitize when a given value is present, use:
<sanitizer name="foo">
<field filter="mime_type" filterValue="text/plain" sanitize="false">note</field>
</sanitizer>
Contribution Descriptors
- Class: org.nuxeo.ecm.platform.htmlsanitizer.HtmlSanitizerDescriptor
Existing Contributions
Contributions are presented in the same order as the registration order on this extension point. This order is displayed before the contribution name, in brackets.
-
<extension point="sanitizer" target="org.nuxeo.ecm.platform.htmlsanitizer.HtmlSanitizerService"> <sanitizer name="default"> <!-- <field>dc:description</field> --> <field filter="mime_type" filterValue="text/plain,text/x-web-markdown,text/xml" sanitize="false">note</field> <field>webc:welcomeText</field> <field filter="webp:isRichtext" filterValue="true">webp:content</field> <field>comment:text</field> <!-- <field>post:text</field> --> </sanitizer> </extension>