Incorrect behavior when inserting text containing the "<script>" tag in the activity log
Article ID: 106097
Updated On:
Products
CA Service Management - Asset Portfolio Management
CA Service Management - Service Desk Manager
Issue/Introduction
When inserting an activity in the ticket, such as an update status, log comment, solution, etc, if in User Description field of the activity is typed a text containing the HTML tags <script> </script>, the CA Service Desk Manager (SDM) does not translate it correctly, and the list of activities in the ticket Activity Log tab is not displayed properly anymore, hence cannot be read.
Ex.:
Ex.:
<Please see attached file for image>
<Please see attached file for image>
Environment
CA Service Desk Manager 17.0
CA Service Desk Manager 17.1
CA Service Desk Manager 17.1
Cause
The issue is related to the "keeptags=yes" parameter at the "list_alg.htmpl" form. Somehow the webengine is not handling the html <script> </script> tags properly, showing unexpected content under Activity Log tab.
Resolution
Change below line at the "list_alg.htmpl" form
from:
<PDM_MACRO name=lsCol hdr="Descrição" attr=description escape=JS2 export=no
fmtfunc=UnEscapeDesc keeptags=yes max_char=140 sort=no>
to:
<PDM_MACRO name=lsCol hdr="Descrição" attr=description escape=JS2 export=no
fmtfunc=UnEscapeDesc keeptags=no max_char=140 sort=no>
After this modification, it is expected to be able to see the list of ticket activities under Activity Log again:
from:
<PDM_MACRO name=lsCol hdr="Descrição" attr=description escape=JS2 export=no
fmtfunc=UnEscapeDesc keeptags=yes max_char=140 sort=no>
to:
<PDM_MACRO name=lsCol hdr="Descrição" attr=description escape=JS2 export=no
fmtfunc=UnEscapeDesc keeptags=no max_char=140 sort=no>
After this modification, it is expected to be able to see the list of ticket activities under Activity Log again:
<Please see attached file for image>
Additional Information
Note:
It is recommended to use the Web Screen Painter (WSP) tool for modifications of form files; check related articles to publish schema changes using WSP:
How does web screen painter work? What files are modified while previewing, editing and publishing a form?
How to Perform Schema Changes using Web Screen Painter on Advanced Availability Configuration
This behavior was identified only at CA SDM 17.0 and 17.1 releases; it works on 17.1.0.1 (Rollup 01);
It works at previous SDM 14.1 CP4 and 14.1 CP5 releases.
It is recommended to use the Web Screen Painter (WSP) tool for modifications of form files; check related articles to publish schema changes using WSP:
How does web screen painter work? What files are modified while previewing, editing and publishing a form?
How to Perform Schema Changes using Web Screen Painter on Advanced Availability Configuration
This behavior was identified only at CA SDM 17.0 and 17.1 releases; it works on 17.1.0.1 (Rollup 01);
It works at previous SDM 14.1 CP4 and 14.1 CP5 releases.
Attachments
Feedback
Yes
No
Powered by
