on a first glance I can say that we definitely filter for unallowed tags, but I'm just unsure about the attributes.
When you post the external activity you get back the URL of this activity. When you view it from there, does that show already the behavior? Another thing to validate would be what body value you have in the jiveTileStreamEntry database table. I'm just trying to pinpoint if it gets stripped of these elements when we it gets into the system or when it gets rendered for the user.
If you can reproduce this on an instance where you cand ebug I recommend to set a breakpoint to
com.jivesoftware.api.core.v3.providers.content.ExternalStreamActivityProvider#updateStandardFields(com.jivesoftware.community.eae.tile.TileStreamEntry, com.jivesoftware.community.integration.tileinstance.TileInstance, org.json.JSONObject, boolean)
as the body gets mangled there by the HTML Cleaner. Let's see what we can get from there.
Thanks Nils for the response. Unfortunately I don't have access to an on-prem Jive instance I can debug that way (with breakpoints / database access)
Is there any way to get the HTML cleaner to "skip" certain text/tags? i.e. a way to bypass the cleaner without direct database access?
Nils Drews wrote:
When you post the external activity you get back the URL of this activity. When you view it from there, does that show already the behavior?
Not too sure what you mean by getting back the the URL for the activity. I don't see anything returned via the tile-activity stream integration apart from a log message to say its been posted.
I think this is hidden in the JS code. The pure API call which posts the external activity returns a URL with which you can see the activity. I'll dig into this further later on when I cleaned my plate from other stuff. My local test addon is just playing bad tricks on me thus I couldn't finish the investigations on friday (which includes the debugging I'm suggesting).