HTML special character is converted to its corresponding HTML code on Save.
This can be reproduced on many fields on many objects.
STEPS TO REPRODUCE:
1. Go to Risks page.
2. Create a new Risk or edit an existing.
3. In Description field type in "PPM can't go live with new version --> Paper reporting required".
4. Click Save.
Expected Result: Value stays as "PPM can't go live with new version --> Paper reporting required"
Actual Result: Value changes to "PPM can't go live with new version --> Paper reporting required"
This has been reported as Defect DE52267
Clarity PPM 15.x
SE (Sustaining Engineering) has determined this is not a defect. This is intended as per the current design.
Clarity has a protection against XSS protection, hence in order to mitigate the same it converts HTML Character to HTML Code.
We only allow the comment tag ("-->") in case of a gel script.
Running the below query will list out all the XSS patterns and clarity does a pattern match and converts the HTML character to HTML code.
Select * from CMN_OPTION_VALUES where OPTION_ID = (select ID from CMN_OPTIONS where OPTION_CODE = 'CMN.XSS.PATTERNS')