Author Topic: still getting suspicious html warnings (Read 1174 times)

lcdweb · April 20, 2010, 05:59:56 am

I still regularly (but unpredictably) get the suspicious html warnings when editing reports. Even if I do something as basic as opening a default report, enabling it for the dashlets, and saving it -- I get the message. This significantly hampers usability.

I'm getting this on multiple sites, with different servers, so I have to believe there are others out there running into this as well. I've tried emptying the templates cache, but it has no effect.

What can we do to loosen the restrictions on this security mechanism?

Code: [Select]

Sorry. A non-recoverable error has occurred.

There is a validation error with your HTML input. Your activity is a bit suspicious, hence aborting

lcdweb · April 20, 2010, 03:17:47 pm

the issue seems to be that it doesn't like us including (importing) css files in the head tag. it flags the issue inconsistently (i'm able to save some reports that have the statement, and not others), which i don't understand. but i think there are two options:

add an exception for the report header in:
CRM/Core/IDS.php, line 115

or

alter the default filter so that it doesn't reject the @import statement:
packages/IDS/default_filter.xml, line 147

not sure the best solution.

CiviCRM Community Forums (archive)

News:

Author Topic: still getting suspicious html warnings (Read 1174 times)

lcdweb

still getting suspicious html warnings

lcdweb

Re: still getting suspicious html warnings