Iframe src attribute is getting discarded by HTMLSanitizer even if in the inclusion list in script include HTMLSanitizerConfig - Known Error

Iframe src attribute is getting discarded by HTMLSanitizer even if in the inclusion list in script include HTMLSanitizerConfig Description The iFrame src attribute is getting discarded by the HTMLSanitizer even if it is added in the inclusion list in the script include HTMLSanitizerConfig.

Steps to Reproduce

Make sure that the system properties below are present and set to true: glide.html.sanitize_all_fields glide.translated_html.sanitize_all_fields

Open the script include " HTMLSanitizerConfig "

Add iframe src and other attributes in the html inclusion list object as follows: iframe: { attribute: ["width", "height", "controls", "autoplay", "loop", "muted", "poster", "preload", "allow","allowfullscreen", "frameborder","src"], attributeValuePattern: {} },

Create any knowledge article and add below code in the HTML Source code of the "Article body"

Save the form and check the HTML Source code of the "Article body". The src attribute is stripped off and showing as

Debug shows:

HTMLSanitizer: Context:tableName=kb_knowledge,columnName=text,displayValue=,sys_id=2417dd4fdb455010502b16f35b961971 Element:iframe Discard attribute(s):src,

Workaround This problem has been fixed. If you are able to upgrade, review the Fixed In section to determine the latest version with a permanent fix your instance can be upgraded to.

One of the two alternative workarounds can be used:

- Disable HTML sanitizer at field level:

Open the dictionary entry of the HTML Field (in this case, Article body) Under Related lists > Attributes > Add a new attribute "HTML Sanitize" and set it to "false" - Any website that you want in an iFrame has to be listed in 'sys_properties' > 'glide.html.enable_media_sites'.