[Owasp-antisamy] AntiSAMY Defect

Shishir Kumar shishirroy2000 at gmail.com
Fri Sep 19 07:29:32 EDT 2008


I found that if user input text at UI as:

<script type=\"text/javascript\">document.write(\"Hello World!\");</script>

The scan goes to infinite loop and throws OutOfMemoryError

as.scan(inputData, policy);

Note: For Input below input it works fine. So the problem is something with

<script type="text/javascript">document.write("Hello World!");</ script >


Shishir Kumar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20080919/5e6d75ee/attachment.html 

More information about the Owasp-antisamy mailing list