[Owasp-antisamy] Feature suggest: soft breakes for the long lines.

Jim Manico jim at manico.net
Mon Jun 16 13:22:15 EDT 2008


If you take a look at ESAPI's validation API's that provide 2 parameters 
that AntiSamy could emulate:

1) allowNull - some web page fields are required, some are not. This 
allows an empty or null to pass through and skip validation
2) maxSize - at the end of the day, user driven data hits the database. 
This parameter could ensures that post-validated data is of a certain 
size or less.

- Jim
> I'd have to be convinced for the need to break on long text. However,
> "compressed HTML" is now available in 1.2 by setting the "outputFormat"
> directive to "false".
>
> Thanks,
> Arshan
>
> -----Original Message-----
> From: owasp-antisamy-bounces at lists.owasp.org
> [mailto:owasp-antisamy-bounces at lists.owasp.org] On Behalf Of Serge
> Droganov
> Sent: Monday, June 16, 2008 12:05 PM
> To: owasp-antisamy at lists.owasp.org
> Subject: [Owasp-antisamy] Feature suggest: soft breakes for the long
> lines.
>
> Hi all,
> This is actually anti-vandalism feature.
>
> Is this possible to make AntiSamy to brake looooong text's?
> I'm asking this beacuse I think that AntiSamy can easily handle this  
> while it operates with xmlText property.
>
> This feature could be turned on/off through the policy file.
>
> And one more wish is to add compress HTML option to the policy file.
>
>
> Thank you,
> Serge
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy
>   


-- 
Jim Manico, Senior Application Security Engineer
jim.manico at aspectsecurity.com | jim at manico.net
(301) 604-4882 (work)
(808) 652-3805 (cell)

Aspect Security™
Securing your applications at the source
http://www.aspectsecurity.com



More information about the Owasp-antisamy mailing list