Gravatar for kiranb@techaspect.com

Question by Kiran Boreddy, Dec 20, 2018 1:57 PM

HTML tags in facet value - rendering as string & filtering not working

HI,

Our Sitecore content editors stored HTML tags in few fields, I know it's not good approach but for now we have to live with it. This is a computed index field and we have text like

A(ab<ital>' </ital>)<sub>2</sub>x

Coveo is indexing this as string and rendering correctly as `A(ab' )2x` when we use `{{= coveoFieldValue("fieldname") }}`. The issue is, this field is also a facet and it's displaying as full text in facet value

A(ab<ital>' </ital>)<sub>2</sub>x

Filtering is also not working as it is detected as a potentially dangerous request. Is there any way we can render the facet value same as it is showing in the results and make the filtering work? We are using Coveo for Sitecore Hive.

Thanks

Gravatar for flguillemette@coveo.com

Comment by François Lachance-Guillemette, Dec 20, 2018 2:04 PM

I don't think there is any way for the index to properly interpret those values, so can you create a second computed field that strips those out?

1 Reply
Gravatar for jflheureux@coveo.com

Answer by Jean-François L'Heureux, Dec 20, 2018 7:48 PM

There is no option on the facet component to support displaying items without HTML encoding them. This would be a security issue as anybody could index script tags and inject XSS on the search page.

You can code your own facet component with this option if you like.

Gravatar for kiranb@techaspect.com

Comment by Kiran Boreddy, Dec 20, 2018 8:08 PM

Understood. Thanks for your response Jean

Ask a question