[Owasp-antisamy] escaping tags

Jason Li jason.li at owasp.org
Thu Mar 19 16:01:30 EDT 2009


Mike,

AntiSamy has several actions you can take with tags, but escaping them
is not one of them.

It's something we could add in a future version, but I'd like to
understand what you're hoping to gain by escaping tags through
AntiSamy. You could just HTML Entity Encode the input text without
running it through AntiSamy and achieve the same effect with lower
overhead.

Are you trying to selectively escape some tags? Can you provide a use
case for this functionality?
--
-Jason Li-
-jason.li at owasp.org-



2009/3/19 Michael Masters <mmasters at gmail.com>:
> Is there a way to have anti-samy escape the tags instead of removing them?
>
> -Mike
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy
>


More information about the Owasp-antisamy mailing list