The Sanitizer object is a Relativity system object that stores the Sanitizer Whitelist information. The Sanitizer Whitelist is used to parse embedded HTML code in HTML-enabled and custom text fields and labels. The sanitizer object is where you can enable or disable the sanitization process on the Relativity instance. The Sanitizer object is located in the Sanitizer Tab.
The sanitization process parses HTML content located in “Message of the day” page, HTML enabled fields, labels and custom text fields on layouts, when rendered on user interface, strips any HTML markup which is not included in the white list.
Sanitization process is enabled by default.
Modifying the white list
In the Sanitizer tab, you can modify the white list, but modify it with caution and at your own risk.
Note: Modifying the white list incorrectly could open your instance to possible cross-site scripting or other risks.
The XML in the white list specifies approved HTML markup that will not get stripped from fields with HTML upon page view.
The sanitizer admin tab is hidden by default, but the HTML sanitization is on by default. The visibility of the tab in your Relativity instance has no effect on the sanitization process.
Note: Disabling sanitization is a high security risk and is highly discouraged. For any questions, please reach out to Relativity Support.
Adding the Sanitizer tab
To add the Sanitizer tab at the Admin level:
- Select the Admin Workspace Configuration tab and select Tabs.
- Filter for Sanitizer from the tabs list and select it.
- Click Edit on the Sanitizer tab layout and set the Visible field to enabled.
- Click Save.