[Owasp-antisamy] org.w3c.dom problem using antisamy

• Previous message: [Owasp-antisamy] antisamy problems with  
• Next message: [Owasp-antisamy] org.w3c.dom problem using antisamy
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

When using antisamy in a webapp running under resin 2 (don't ask), I ran
into:

Caused by: java.lang.UnsupportedOperationException
	at com.caucho.xml.QAbstractNode.getTextContent(QAbstractNode.java:301)
	at org.owasp.validator.html.Policy.parseTagRules(Unknown Source)
	at org.owasp.validator.html.Policy.<init>(Unknown Source)
	at org.owasp.validator.html.Policy.getInstance(Unknown Source)
(snip)

Looks like Policy.parseTagRules uses a method of org.w3c.dom that's not always
implemented. (also, it'd be valuable for debugging if releases were built with
line number information)

I worked around it (somewhat hackishly) by setting a system property before 
initializing AntiSamy like this:

System.setProperty("javax.xml.parsers.DocumentBuilderFactory", 
	"org.apache.xerces.jaxp.DocumentBuilderFactoryImpl");

Perhaps we should make a wikipage to record these kind of gotcha's and 
solutions for them?


Kind regards,

Arnout

• Previous message: [Owasp-antisamy] antisamy problems with  
• Next message: [Owasp-antisamy] org.w3c.dom problem using antisamy
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]