How to configure XSS-protection config.xml for data-* attributes. It is getting filtered. So far we are adding manually for each data-* attributes. Is there any way to have a generic fix?
For eg if we have <img data-src="url"/> we are adding like below.
<tag action="validate" name="img">
<attribute name="data-src" onInvalid="removeTag">
<regexp-list>
<regexp name="onsiteURL"/>
<regexp name="offsiteURL"/>
</regexp-list>
</attribute>
</tag>
Instead of this, any fix could provide in common? So that it will allow all data attributes?
