Vulnerability in EPiServer.Forms
I'm currently working on migration from ektron cms to episerver. I created xhtmlproperties and filled them with raw html, which contains links. After editing this property, links are parsed and converted to friendly url. What can I do to prevent that? Or can I override converting mechanism to return simple url(we have old links in simple url) instead of friendly?
Have you tried adding full absolute link URLs? I think Epi will leave those alone.
Full absolute link URL - it's simple url? No, episerver converting links to it's 'usual' link.
An alternative if you want generated urls to be in short format is to attach an event handler to IContentRouteEvents.CreatedVirtualPath and in the eventhandler check if the page has a simple adress and if so change the UrlBuilder in the eventargs to use the short url. The code would be something like in https://world.episerver.com/Modules/Forum/Pages/Thread.aspx?id=81667
I was assuming, if you migrate from Ektron, that the links are in a non-epi format. If you add them in a manor that Epi leaves untouched (for example https://imported.com/pathx/) you can then in the 2nd pass of an migratrion run find corresponding internal pages and convert it to a "real" internal link.