Filtering active content in Profiles
Profiles provides a filter that prevents users from creating rich text descriptions with malicious scripts that are executed when other users visit Profiles. You can enable or disable this component.
Before you begin
To edit configuration files, you must use the IBM® WebSphere® Application Server wsadmin client. See Starting the wsadmin client for information about how to start the wsadmin command-line tool.
About this task
Procedure
- Start the wsadmin client from the following
directory of the system on which you installed the Deployment Manager:
where app_server_root is the WebSphere® Application Server installation directory and dm_profile_root is the Deployment Manager profile directory, typically dmgr01.app_server_root\profiles\dm_profile_root\bin
You must start the client from this directory or subsequent commands that you enter do not execute correctly.
- Start the Profiles Jython script interpreter.
- To configure the
active content filter for Profiles, use
the following command:
ProfilesConfigService.updateConfig(property, value)
where- property is one of the editable Profiles configuration properties.
- value is the new value with which you want to set that property.
The following table displays information regarding the active filter property and the type of data you can enter for it.
Table 1. The active content filter property Option Description activeContentFilter.enabled Enables and disables filtering for active content of text entered into the About me and Background text input fields.
This property takes a Boolean value: true or false. The value must be formatted in lowercase.
For example, to disable filtering:
ProfilesConfigService.updateConfig("activeContentFilter.enabled","false")
- After making changes, you must check the configuration files back in, and you must do so during the same wsadmin session in which you checked them out for the changes to take effect. See Applying property changes in Profiles for information about how to save and apply your changes.