2853426 - Render HTML tags on field values - Recruiting Management

Is it possible to render HTML tags inside the field values across Recruiting?

SAP SuccessFactors Recruiting Management

1. Declare a new field on the Job Requisition template, for example, either standard or custom;
2. Set the field label mime-type as "text/html";
3. On the field value, type a value with HTML tags inside;
4. It is not rendered, and it is shown as text inside the field;

Due to security reasons every value on the system will be parsed as its respective type and not considered for rendering on the system, even if an HTML is added.

To maintain the integrity and the security of information that is added into SuccessFactors database, and mainly to avoid script getting injected into our system somehow, the field values on our system are interpreted on the HTML as its respective value, and the reasons behind that are:

1. Security: Opening the system to render the content stored on the field value could bring some security concerns into SuccessFactors and its users. As this article topic is specifically on rendering HTML tags, lets say that we add a HTML tag inside a field, and we use the HTML tag "<script>", this tag allows the user to add for example JavaScript in there, and if that JavaScript gets rendered with some harmful script, it could damage the system and more importantly the company's information.
2. Storage: The information that is added in there will be stored on the database, so the system will parse that information as its specific type before storing it. Lets say that instead of using a javascript you any system users add to it some logical expression or SQL command and modifies data into on the database, as the information is not being parsed. So prior to storing the information the value is parsed to the respective field type and then stored.

html, render, field, job, requisition, script, display, image, security, tag, value , KBA , LOD-SF-RCM , Recruiting Management , How To