Using "href=tel:" in custom Azure B2C SSO HTML page

Question

I am attempting to use a <a href="tel://1300000">1300000</a> link on any custom policies HTML page in Azure AD B2C SSO but href="tel://1300000 is being stripped out and only <a>1300000</a> is visible in the page source thus negating the link.

I can understand why this is done when attempting to use the <script> tag as JavaScript is not permitted but I can't find any reference or logical reasoning as to why tel: or tel:// are not permitted, I have also tried callto:, auto-detected:,sms: and fax: but these are also stripped.

If this is a limitation then some reasoning would be great, even better would be a possible workaround/solution.

Cheers!

Madison Courto · Accepted Answer · 2018-12-11T02:47:32.400

1

EDIT: This is no longer an issue due to MS allowing front end JS https://learn.microsoft.com/en-us/azure/active-directory-b2c/javascript-samples

The reasoning for this is due to the following code that is inserted into every custom HTML page in SSO;

As you can see only http,https,ftp and mailto are allowed.

edited Dec 11 '18 at 02:47

answered Dec 05 '18 at 01:21

Madison Courto

1,231
13
25

Using "href=tel:" in custom Azure B2C SSO HTML page

1 Answers1