Rajshri Mohan K S Rajshri Mohan K S - 3 years ago 205
C# Question

RADEditor in Sitefinity 10.1.6500.x removes mailto links upon save

In Sitefinity 10.1.65xx.x (including 10.1.6523.0), the RADEditor removes

links from a dynamic content when you save it.

Here are the steps to reproduce the issue:

  1. Create a new project using Sitefinity Project Manager for Sitefinity

  2. Login in to the backend GUI and go to
    Content > News
    and create a new news post.

  3. Type some text and select it and choose the
    Insert Link

  4. Choose the type of link as
    Link and give some email address there and insert it.

  5. If you switch to HTML view now, you can see the tag as something like
    <a href="mailto:<whatever-email-given>">Text</a>

  6. Click the
    Save as Draft

You should see that the contents have changed to
. Essentially the
is stripped off.

Normal links work perfectly fine. And this happens in all dynamic content types like News, Blog, etc. The Content Block widgets don't have this issue.

What is going on here? Can someone please clarify?

Answer Source

We raised the issue in Sitefinity's forums and this is what ensued:


Apparently, a new Data Processing Framework layer is introduced in Sitefinity in 10.1.xxxx.x that is breaking Sitefinity's own functionality. I've no idea why a majority of the people weren't able to replicate the issue. But the solution involves extending the default XSS Sanitizer and adding the tel: and mailto: protocols to the default whitelist. The answer is described in detail here: https://knowledgebase.progress.com/articles/Article/Shared-Content-Block-and-Long-Text-Field-filters-HTML-even-after-setting-RadEditor-filters-to-None

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download