AnsweredAssumed Answered

safe HTML iframe - policy whitelist not working

Question asked by ryans on Aug 23, 2018
Latest reply on Sep 24, 2018 by ryans

Hi!  I have a mashup that inserts iframes, and it works for most BlackBoard environments I have tried it with.  Usually, I need to add a whitelist item to the safe HTML policy XML file, like this  (just a snippet):



<tag name="iframe" action="validate">
<attribute name="align" />
<attribute name="frameborder" />
<attribute name="height" />
<attribute name="longdesc" />
<attribute name="marginheight" />
<attribute name="marginwidth" />
<attribute name="name" />
<attribute name="scrolling" />
<attribute name="src">
<regexp value="/webapps/osv-kaltura-[A-Za-z0-9_]+/content/iframe.jsp" />
<regexp value="/webapps/wvms-bb-[A-Za-z0-9_]+/vtbe_va.*" />
<regexp value="*" />
<regexp value="*" />
<regexp value="http[s]?://.**" />
<regexp value="http[s]?://*" />
<regexp value="http[s]?://[A-Za-z0-9\.]**" />
<regexp value="http[s]?://[A-Za-z0-9\.]**" />
<regexp value="http[s]?://[A-Za-z0-9\.]**" />
<!-- ... and so on ... -->
<attribute name="width" />


I'm working with a school currently where this *isn't working*.  Even though the policy containing the above XML is active, the safe HTML tool is still stripping out the embedded page from  Is there something else I may be missing?


My only guesses where that the staff member I'm working with is on a non-production BlackBoard environment, or something, but that doesn't seem to be the case.