[Owasp-antisamy] antisamy-slashdot-1.2.xml

Serge Droganov sergei at droganov.ru
Sat Aug 16 15:14:17 EDT 2008

antisamy-slashdot-1.2.xml misses these tags: <strong> <dl> <dt> <dd>

They are announced at the top of the policy file and missed in it's  

I also think that it's wold be a good idea to create slashdot analogue  
that is compatible to simple version of tiny_mce or may be other  
simple editors.

It's of course not a big deal to create custom policy files but the  
problem is to sync them in future. The user may miss something and it  
would be a potential security hole.

Thank you,

More information about the Owasp-antisamy mailing list