function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Joe_IpsenJoe_Ipsen 

How to overcome the SFDC Known Issue on Case Descriptions with <script> tags

The Known Issue:

 

If the Case description field contains <script> and </script> all special characters are escaped (even the characters outside the tags).

For example:

<script type="text/javascript" src="http://www.google.com/jsapi"></script>
google.load("earth", "1", {"other_params":"client=gme-noaa&sensor=false&channel=NMFS.SWFSC.PRD.ShipResearchSurveys"});

changes to:

&lt;script type=&quot;text/javascript&quot; src=&quot;http://www.google.com/jsapi"></script>;
google.load(&quot;earth&quot;, &quot;1&quot;, {&quot;other_params&quot;:&quot;client=gme-noaa&amp;sensor=false&amp;channel=NMFS.SWFSC.PRD.ShipResearchSurveys&quot;});

The same behaviour is not observed when entering the same text into a Case Comment.

 

The Workaround:

 

Create a workflow rule on Cases which triggers every time the case is created or edited. Add a Field Update to this rule to update the Description field with syntax like:

SUBSTITUTE (
SUBSTITUTE (
SUBSTITUTE (
SUBSTITUTE(Description , '&amp;' , '&') ,
'&lt;', '<' ),
'&gt;','>' ),
'&quot;','"' )

Pradeep_NavatarPradeep_Navatar

If the data type of field is "Text Area" then it will show any tag (HTML or Script) as it is but if the data type of field is "Text" or "Long Text Area" then it will take any tag except “script” tag. I think salesforce does not save script tag as it is in "Text" or "Long Text Area" due to the security reasons.

 

Hope this helps.