Submit Feedback
Legacy Knowledge Base
Published Jun. 30, 2025

com.liferay.journal.model.JournalArticle whitelist is ignored in AntiSamy Sanitizer

Written By

Ahmed Abdin

How To articles are not official guidelines or officially supporteddocumentation. They are community-contributed content and may not alwaysreflect the latest updates to Liferay DXP. We welcome your feedback toimprove How to articles!

While we make every effort to ensure this Knowledge Base is accurate, itmay not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with anyfeedback or concerns.

Legacy Article

You are viewing an article from our legacy "FastTrack"publication program, made available for informational purposes. Articlesin this program were published without a requirement for independentediting or verification and are provided "as is" withoutguarantee.

Before using any information from this article, independently verify itssuitability for your situation and project.

Issue

I have an issue with the "com.liferay.journal.model.JournalArticle". Although it is whitelisted when I create web content by entering a <script> tag in the source of the content. A warning message is thrown in the log.

Reproduction Steps:

1. Start DXP 7.4 with 2023.Q4.4
2. Open Main Menu and go to Control Panel --> Configuration --> System Settings --> Security --> Security Tools --> System Scope and select "AntiSamy Sanitizer". Find "com.liferay.journal.model.JournalArticle" and verify that it is whitelisted.
3. Go to Content & Data --> Web Content and add basic web content, switch to the source, and add the following:

<p>Test</p>
<script>
alert('test')
</script>

4. Publish the web content
5. Check the logs

Expected Result: The content is published with no warning message in the log.

Actual Result: the content is published and a warning message appears in the log:

WARN  [http-nio-8080-exec-9][AntiSamySanitizerImpl:131] The script tag is not allowed for security reasons. This tag should not affect the display of

Environment

  • Liferay Quarterly Release 2023.q4.4

Resolution

  • The issue is a regression caused by LPD-15082 and is fixed by LPD-16050
  • You can upgrade to 2023.Q4.6+ or request a hotfix for LPD-16050
Did this article resolve your issue ?
Legacy Knowledge Base
Did this article resolve your issue ?