Problem with Temporarily allowed to save HTML value warning?
Encountering errors such as “Temporarily allowed to save HTML value that contains restricted elements” after Version Upgrade? There are a few ways to workaround, or fix this issue. It’s not exactly an “issue” per se, but the warning can be glaring if we don’t know what it means.
Temporarily allowed to save HTML value that contains restricted elements. Allowed HTML attributes for tag "a" are: class,width,height,style,alt,title,border,id,data-content-type,data-appearance,data-element,data-enable-parallax,data-parallax-speed,data-background-images,data-background-type,data-video-loop,data-video-play-only-visible,data-video-lazy-load,data-video-fallback-src,data-grid-size,data-active-tab,role,href,data-tab-name,data-same-width,target,data-link-type,data-show-button,data-show-overlay,data-overlay-color,data-autoplay,data-autoplay-speed,data-fade,data-infinite-loop,data-show-arrows,data-show-dots,data-slide-name,data-show-controls,data-locations,data-video-src,data-video-overlay-color
On a high level, this error does not have any bad effect as it is just a warning that such content will likely be deprecated some point in the future. If you do take a closer look at the error message, it will point out more information on what may have caused the warning.
Allowed HTML attributes for tag "a"
Digging deeper, the <a> tag in the product content has issue with fulfilling what the newer version of Magento requires. Most of the time this content falls under Description, Short Description, or attributes where Page Builder and WYSIWYG are used. For our case, it fell into the Page Builder of Description where using the Link functionality in the WYSIWYG widget. It has created a rel=”” attribute which is not accepted after version upgrade, specifically when choosing “New Window”.
Solution?
There is no 1 recommended solution for this “Temporarily allowed to save HTML value” error as it depends on the nature of the project. The tags and attributes in question will also need to be studied on their importance.
1. Change the content to fit
Identify the tag or attribute causing the issue and update the content so that the warning does not show up. Pay attention to what tag or attribute can be used, and removed or replaced whenever possible.
2. Reduce the use of WYSIWYG
This may be a weird suggestion but some attributes are included through the widget and it is not something you can just hijack away. If you hit an error like this project did, changing the content will not work because the rel=”” attribute is added through the WYSIWYG widget.
After Note
Currently patched versions of Magento (2.4.3, 2.4.2-p2 and 2.3.7-p1) are expected to see errors like this due to a config that was introduced.
vendor/magento/module-cms/Model/Wysiwyg/Validator.php
cms/wysiwyg/force_valid
vendor/magento/module-cms/etc/config.xml
This value is by default set to false (for the time being) so it will just be a suggested “warning”. However given the lack of option for Admin to change this at the Admin Panel, it is suspected that eventually Magento could default this to a true due to security concerns.
Under CLI, this value can be changed using the command below.
bin/magento cms:wysiwyg:restrict <restrict>
y – This will force strict validation
n – This will remain as current “suggested” warning setup (default)
Ref: https://devdocs.magento.com/guides/v2.4/reference/cli/magento-commerce.html#cmswysiwygrestrict
Have you been doing version upgrade for Magento lately? Read more into session max size issue that was encountered during one of the Version Upgrade sessions!