Hi Nadun,

Can you please attach here the template attribute of <template type="event
publisher"> in your template regarding the email publisher.

Thanks,
Damith



On Wed, Feb 14, 2018 at 2:40 PM, Nadeeshani Pathirennehelage <
nadeesha...@wso2.com> wrote:

> Hi Nadun,
>
> You may try to encode the characters in the UI level as in [1]. Encode the 
> required
> parameters using *Encode.forHtmlContent*  or suitable encoding type.
>
> For more information about output encoding, follow the Secure Engineering
> Guideline [2]. This might help to resolve the issue.
>
> [1] https://github.com/wso2/carbon-analytics-common/blob/
> v5.1.21/components/template-manager/org.wso2.carbon.event.
> template.manager.ui/src/main/resources/web/template-manager/template_
> configurations_ajaxprocessor.jsp#L305
> [2] https://wso2.com/technical-reports/wso2-secure-
> engineering-guidelines#A23
>
> Thanks,
> Nadeeshani.
>
> On Wed, Feb 14, 2018 at 2:09 PM, Nadun De Silva <nad...@wso2.com> wrote:
>
>> Hi,
>>
>> I am working on a notifications system for the password rotation policy
>> authenticator in IS Analytics (C4) [1]. I am trying to set the email body
>> (of type text/html) of the email event publisher using the template manager.
>>
>> However, *I get this error* when I try to do this. (There are no logs
>> shown in the console)
>>
>>
>> ‚Äč
>> *The value entered:*
>>
>> Hi {{username}},<br><br>Your password for the account in WSO2 Identity
>> Server had expired. Your account details are as follows.<br><br>Username :
>> {{username}}<br>UserStoreDomain : {{userStoreDomain}}<br>Email Address :
>> {{email}}<br><br>Please login and change your password.<br><br>Thank
>> you!<br><br>Regards,<br>WSO2 IS<br>
>>
>>
>> After debugging I found out that this is because "<" and ">" characters
>> don't get encoded [2] from the UI and because of that the Apache Axiom
>> library [3] used for parsing throws an error because of this. (Please
>> correct me if I am wrong)
>>
>> Is there a workaround for this? If not, shouldn't we support this?
>>
>> Thank you!
>>
>> Regards,
>> Nadun De Silva
>>
>> [1] mail : [Architecture] Password Rotation Policy Authenticator
>> [2] https://github.com/wso2/carbon-analytics-common/blob/v5.
>> 1.21/components/template-manager/org.wso2.carbon.event.templ
>> ate.manager.ui/src/main/resources/web/template-manager/
>> template_configurations_ajaxprocessor.jsp#L312
>> [3] https://ws.apache.org/axiom/
>>
>> --
>> *Nadun De Silva*
>> Software Engineer | WSO2
>>
>> Email: nad...@wso2.com
>> Mobile: +94778222607 <+94%2077%20822%202607>
>> Web: http://wso2.com
>>
>> <http://wso2.com/signature>
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Pathirennehelage Nadeeshani
> Software Engineer | WSO2 Inc.
> Platform Security Team
> mobile : +94 716545223 <+94%2071%20654%205223>
>
>


-- 
Senior Software Engineer
WSO2 Inc.; http://wso2.com
<http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg>
lean.enterprise.middleware

mobile: *+94728671315*
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to