Aristotle Metadata Registry help documentation

HTML Sanitization

HTML sanitization is the process of cleaning and filtering HTML code to ensure it is safe to display and use. This process removes or neutralizes potentially harmful code that could be used for cross-site scripting (XSS) attacks or other malicious activities. Sanitizing HTML is crucial for maintaining the security and integrity of web applications.

How HTML Sanitization Works

HTML sanitization involves parsing the input HTML code and removing or escaping any potentially dangerous elements or attributes. The goal is to retain the safe, expected content while eliminating the risk of harmful actions.

Default Allowed Tags and Attributes

In our HTML sanitization process, we have a predefined set of tags and attributes that are allowed to ensure the security and integrity of the content. All other tags and attributes are blocked to prevent potential security risks.

Default Allowed Tags

These are the default tags allowed for user-generated content everywhere in the Aristotle Metadata Registry. Any tags not listed here will be removed during the sanitization process:

<a>, <abbr>, <acronym>, <b>, <blockquote>, <br>, <code>, <col>, <colgroup>, <del>, <em>, <h1>, <h2>, <h3>, <h4>, <h5>, <h6>, <hr>, <i>, <img>, <ins>, <li>, <ol>, <p>, <strong>, <sub>, <sup>, <table>, <tbody>, <td>, <th>, <thead>, <tr>, <u>, <ul>

On custom pages, we also allow the <iframe> tag to accommodate additional functionality.

Default Allowed Attributes

In addition to allowing certain tags, we also specify which attributes are permitted for each tag to further control the content and ensure security. The following attributes are allowed:

  • Links (<a>): href, title, class, data-aristotle-concept-id, target

  • Abbreviations (<abbr>): title

  • Acronyms (<acronym>): title

  • Images (<img>): src, height, width, alt, style

  • Table Data (<td> and <tr>): colspan, rowspan, style

  • Table Headers (<th>): colspan, rowspan, style

  • Column Groups (<colgroup> and <col>): span

  • Strong Emphasis (<strong>): title

  • Tables (<table>): align, border, cellpadding, cellspacing

For custom pages, we also permit certain attributes for <iframe> elements, such as src, height, width, title, allowfullscreen, style, and sandbox.

Allowed CSS Styles

We also allow specific CSS styles to enable better control over the presentation of the content. These include:

  • height, width, background-color, vertical-align, text-align

This comprehensive approach to HTML sanitization ensures that we maintain a balance between functionality and security, allowing necessary content while preventing potential threats.
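
The allowlists above, expressed as a small sanitizer. This is an added example built on Python's standard library, not the registry's own code. The URL-prefix check on href/src and the CSS value pattern are assumptions the page does not state, and the names `Sanitizer`, `sanitize` and `clean_style` are illustrative.

```python
import re
from html import escape
from html.parser import HTMLParser
# Allowlists copied from this page (user-generated content, so no <iframe>).
ALLOWED_TAGS = set("a abbr acronym b blockquote br code col colgroup del em h1 h2 h3 h4 "
                   "h5 h6 hr i img ins li ol p strong sub sup table tbody td th thead tr u ul".split())
CELL = {"colspan", "rowspan", "style"}
ALLOWED_ATTRS = {
    "a": {"href", "title", "class", "data-aristotle-concept-id", "target"},
    "img": {"src", "height", "width", "alt", "style"}, "td": CELL, "tr": CELL, "th": CELL,
    "abbr": {"title"}, "acronym": {"title"}, "strong": {"title"}, "colgroup": {"span"}, "col": {"span"},
    "table": {"align", "border", "cellpadding", "cellspacing"},
}
ALLOWED_STYLES = {"height", "width", "background-color", "vertical-align", "text-align"}
URL_PREFIXES = ("http://", "https://", "mailto:", "/", "#")  # assumption, not on the page
CSS_VALUE = re.compile(r"[#\w\s.%-]+")  # assumption, not on the page
SAMPLE = '<p onclick="x()">Hi <a href="javascript:void(0)" title="t">link</a></p>'  # constructed input

def clean_style(value):  # keep allowlisted properties whose values are plain tokens
    pairs = (d.partition(":") for d in value.split(";"))
    pairs = ((p.strip().lower(), v.strip()) for p, _, v in pairs)
    return "; ".join(f"{p}: {v}" for p, v in pairs
                     if p in ALLOWED_STYLES and CSS_VALUE.fullmatch(v))

class Sanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # tag removed; any text inside it is still emitted, escaped
        kept = ""
        for name, value in attrs:
            value = clean_style(value or "") if name == "style" else (value or "")
            url_ok = name not in ("href", "src") or value.strip().lower().startswith(URL_PREFIXES)
            if name in ALLOWED_ATTRS.get(tag, ()) and url_ok and (value or name != "style"):
                kept += f' {name}="{escape(value)}"'
        self.out.append(f"<{tag}{kept}>")
    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS and tag not in ("br", "col", "hr", "img"):
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def sanitize(html):
    parser = Sanitizer()
    parser.feed(html)
    parser.close()  # flush any buffered trailing text
    return "".join(parser.out)
```

Comments are dropped because the parser's default comment handler emits nothing. The prefix check also rejects relative URLs that lack a leading slash, which is the conservative side of that assumption.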


Last updated 10 months ago