f5-appsvcs-extension icon indicating copy to clipboard operation
f5-appsvcs-extension copied to clipboard
verified publisher icon F5Networks

HTML rule "content" property should handle said HTML content

Open MicSkr opened this issue 1 year ago • 1 comments

Environment

  • Application Services Version: 3.48
  • BIG-IP Version: 17.1

Summary

HTML_rule "content" property will contain HTML content. HTML content could include double quotes, javascript, and other non-alphanumeric characters. This needs to better handle HTML content.

https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/refguide/schema-reference.html#html-rule

Steps To Reproduce

Steps to reproduce the behavior:

  1. Submit the following object in a declaration: Example 1
{
    "class": "HTML_Rule",
    "remark": "Some HTML Content Rule",
    "ruleType": "tag-append-html",
    "match": { "tagName": "/head" },
    "content": "<script src="website.js"></script>"
}

OR Example 2

{
    "class": "HTML_Rule",
    "remark": "Some HTML Content Rule",
    "ruleType": "tag-append-html",
    "match": { "tagName": "/head" },
    "content": "PHNjcmlwdCBzcmM9IndlYnNpdGUuanMiPjwvc2NyaXB0Pg=="
}
  1. Observe the following error response: Example 1 fails. Example 2 is literal Base64 in the HTML Rule content profile

Expected Behavior

HTML "content" property should handle said HTML content HTML "content" should support base64 encoding/decoding. This allows for javascript and other content that would typically include double quotes and other non-alphanumeric characters.

Actual Behavior

It is not possible to submit HTML content with quotes. It is not possible to submit Javascript. Base64 strings are placed literally into the Content HTML Profile rules.

MicSkr avatar Feb 05 '24 22:02 MicSkr

Please reach out to us at [email protected] in order for us to prioritize. Thanks.

sunitharonan avatar Feb 21 '24 18:02 sunitharonan