Skip to main content
Gainsight Inc.

Validate In-App Engagements for Checksum and HTML Sanitization

  1. Last updated
  2. Save as PDF

This article explains how to validate active engagements for Checksum and HTML errors before they are viewed by the user. 

Overview

Gainsight PX lets you validate active engagements for checksum and HTML errors in real time. This helps you identify and debug potential issues to eliminate errors even before the engagements are triggered for the user.

Define the validation criteria to run a detailed check across engagements to identify and debug the following potential issues:

  • Checksum validations
  • Vulnerable or invalid HTML tags
  • Domains not allowed in HTML

Validate Engagements for Errors

To validate active engagements: 

  1. Navigate to Administration > Checksum
  2. (Optional) If there are multiple products in the subscription, select the product to validate the engagements.
  3. (Optional) Select the environment. 

    Admin_Admin Console_Download Checksum.png
     
  4. Click Download Checksum to download a list of active engagements and their IDs. 
  5. Upload the checksum file to the server.
  6. In the uploaded file, configure the engagements that must be whitelisted.
  7. In the Checksum URL field, enter the location of the uploaded file to validate the engagements for checksum failures. 
  8. In the HTML Sanitization Allowed Domains field, enter the domains that can be referenced in HTML for engagements.
    For more information on how HTML sanitization works in Gainsight PX, refer to the Javascript SDK Configuration article.

    Admin_Admin Console_Validation Criteria.png
  9. Click Save.
  10. From the Engagements section, select the engagements to validate.
    Note: You can select a maximum of five engagements at a time.
  11. Click Validate.

    Admin_Admin Console_Engagements Validated.png

The Errors in Validate Engagements section displays a list of the issues identified in the selected engagements, along with details on the type of error. The information displayed in this section is for identification purposes only. To fix the errors, navigate to the specific engagement and make the changes. 

Admin_Admin Console_Engagements.png

To refresh the data or validate other engagements, navigate back to the Engagements section. 

List of Whitelisted HTML tags

As an administrator, you can add or modify existing attributes for the images, links and tables added to an engagement. The HTML tags that are present in the whitelist are scanned by the htmlSanitization add-on config and enables users to view the images, tables, and hyperlinks in the engagement in Preview and Launch mode.

The following HTML tags are whitelisted in Gainsight PX to be used in engagements:


/ original allow lists /
const tagWhitelist_ = {
       'A': true, 'ABBR': true, 'AUDIO': true,
       'B': true, 'BIG': true, 'BLOCKQUOTE': true, 'BODY': true, 'BR': true,
        'CAPTION': true, 'CENTER': true, 'CODE': true,  'COL': true,  'COLGROUP': true,
       'DEL': true, 'DIV': true,
       'EM': true,
       'FONT': true,
       'H1': true, 'H2': true,'H3': true,'H4': true, 'H5': true, 'H6': true, 'HR': true, 
      
       'I': true, 'IFRAME': true, 'IMG': true,'INS': true,
       'LABEL': true, 'LI': true,
       'O': true,'OL': true,
       'P': true, 'PRE': true,
       'S': true,'SCRIPT': true, 'SMALL': true, 'SOURCE': true, 'SPAN': true, 'STRIKE': true,        'STRONG': true, 'SUB': true,  'SUP': true,
       'TABLE': true, 'TBODY': true,'TD': true, 'TFOOT': true,  'TH': true, 'THEAD': true,  'TR': true,     'TT': true,
       'U': true,   'UL': true,
       'VIDEO': true, 'META': true   };
const contentTagWhiteList_ = {'FORM': true}; //tags that will be converted to DIVs
const attributeWhitelist_ = {'accept': true,'accept-charset': true,'accesskey': true, 'action': true, 'align': true,  'alt': true,
 'allowfullscreen': true, 'async': true,'autocomplete': true,  'alt': true, 'allowfullscreen': true, 'async': true,'autocomplete': true, 'autofocus': true, 'autoplay': true, 'bgcolor': true,'border': true,
       'charset': true, 'checked': true, 'cite': true, 'class': true, 'color': true, 'cols': true,'colspan': true, 'content': true,  'contenteditable': true, 'controls': true, 'coords': true,
       'data': true, 'data-aptr': true,  'data-apt-element': true,'datetime': true, 'default': true, 'defer': true, 'dir': true, 'dirname': true, 'disabled': true, 'download': true, 'draggable': true,
 'enctype': true,
      
 'form': true, 'formaction': true, 'frameborder': true,
     
  'headers': true, 'height': true, 'hidden': true, 'high': true, 'href': true, 'hreflang': true,  'http-equiv': true,    
  'id': true,  'ismap': true,   
  'kind': true,    
 'label': true, 'lang': true, 'list': true, 'loop': true, 'low': true,      
'max': true, 'maxlength': true, 'media': true, 'method': true, 'min': true, 'multiple': true, 'muted': true       
'name': true, 'novalidate': true,
'open': true,  'optimum': true,
     
 'pattern': true, 'placeholder': true, 'poster': true, 'preload': true,
 'readonly': true,'rel': true,'required': true,'reversed': true,'rows': true,'rowspan': true,
      
 'sandbox': true, 'scope': true, 'selected': true, 'shape': true, 'size': true, 'sizes': true, 'span': true,  'spellcheck': true, 'src': true,  'srcdoc': true,'srclang': true, 'srcset': true, 'start': true, 'step': true, 'style': true,
       
'tabindex': true, 'target': true,'title': true, 'translate': true, 'type': true,
 'usemap': true,
 'value': true,
  'width': true,
  'wrap': true
   };

Additional Resources