Configure the active content filter for Blogs and WikisIBM Connections provides a set of active content filter (ACF) configuration files that you can apply to the Blogs or Wikis applications to limit or widen the types of content that users can add to their blog posts or wiki pages.
Before you beginThis is not a required procedure. Only perform this if you want to change the level of filtering performed by the active content filter.
By default, Blogs and Wikis filter active content in the following ways:
- You can change the formatting of content within rich text fields and styles can be added using HTML.
- Forms are permitted and the content is saved as HTML.
- Flash animations are permitted.
The following configuration files are shipped with IBM Connections and stored in the LotusConnections-config\extern directory. To change the level of filtering that is performed by the active content filter, you can replace the default configuration file with one of these files.
Allows style changes, allows forms, but strips flash. Flash is a format used for videos and animated content.
Allows style changes, but strips forms and flash. The types of forms that are not allowed are form HTML elements. Form HTML elements are used to add things like buttons or fields to a web page.
Allows forms, but strips style changes and flash. Preventing style changes affects rich text fields. If you configure the active content filter to prevent style changes, then users will not be able to perform the common tasks associated with changing the style of rich text content, such as changing the font color, margins, and so on.
Prevents style changes and strips forms and flash.
Allows style changes, allows forms, and allows flash. This file is the default file used by Blogs and Wikis.
Allows style changes and flash, but strips forms.
Allows forms and flash, but strips style changes.
Allows flash, but strips style changes and forms.
Prevents users from changing the margins on images and strips flash.
Allows flash, but prevents users from changing the margins on images.
To edit configuration files, use the wsadmin client. See Starting the wsadmin client for details.
- Edit LotusConnections-config.xml.
- Enter the following command to access the IBM Connections configuration file: execfile("connectionsConfig.py")
If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, pick the node where the file is stored. This information is not used by the wsadmin client when you are making configuration changes.
- Check out the IBM Connections configuration files:
- <working_directory> is the temporary working directory to which the configuration XML and XSD files are copied and are stored while you make changes to them. Use forward slashes to separate directories in the file path, even if you are using the Microsoft™ Windows™ operating system.
AIX and Linux™ only: The directory must grant write permissions or the command does not run successfully.
- <cell_name> is the name of the WAS cell hosting the IBM Connections application. This argument is case-sensitive, so type it with care. To obtain the cell name:print AdminControl.getCell()
- AIX or Linux:LCConfigService.checkOutConfig("/opt/temp","foo01Cell01")
- Microsoft Windows:LCConfigService.checkOutConfig("c:/temp","foo01Cell01")
- Open LotusConnections-config.xml in a text editor.
- Find the <sloc:serviceReference> element for the application to which you want to change filtering levels. The application name is specified in the serviceName attribute.
Change the active content filter configuration for the applications with the following serviceName attributes:
- Add the following attribute to the <sloc:serviceReference> element for the application you want to change:
where <file_name> is one of the files described in the list above.
For example, to configure the Blogs application to allow style changes, but strip forms and flash, you would add the acf_config_file element:
<sloc:serviceReference bootstrapHost="myServer.example.com" bootstrapPort="2817" clusterName="" enabled="true" serviceName="blogs" ssl_enabled="true" acf_config_file="acf-config-nf.xml"> <sloc:href> <sloc:hrefPathPrefix>/blogs</sloc:hrefPathPrefix> <sloc:static href="http://enterprise.example.com:9082" ssl_href="https://enterprise.example.com:9447"/> <sloc:interService href="https://enterprise.example.com:9447"/> </sloc:href> </sloc:serviceReference>
- Repeat Steps d and e to apply different filtering levels to different applications, and then save and close the configuration file.
- After making changes, check the configuration file back in and do so during the same wsadmin session in which you checked them out for the changes to take effect. See Apply common configuration property changes for information about how to save and apply your changes.
- Synchronize the nodes using the Integrated Solutions Console for the network deployment system.
- Restart the WAS.
Parent topicSecuring applications from malicious attack