[Owasp-antisamy] inline style problem
ag5743 at telus.net
Sat Mar 14 14:50:58 EDT 2009
when trying to parse an inline style such as <div
style='color:#000'></div> it returns false
showing ":"(colon) is not allowed even though my regular expression
allows it. To get round the problem
I change all "style" to "astyle" (any other word will do) and change the
xml file as well ("style" changed to "astyle").
I am using Railo (coldfusion).
anyone else had a problem with inline style, is this a bug, although my
hack of changing "style" to something else works
it seems to indicate a fundamental problem somewhere?
More information about the Owasp-antisamy