[Owasp-antisamy] The release candidate for 1.4.2 is available in a nightly build now

Paul Curren pcurren at atlassian.com
Wed Dec 1 05:39:18 EST 2010


Hi Arshan. I'd like to schedule a little time to try out 1.4.2 (we use a reasonable amount of CDATA).

Typically though, my product manager wants to know why we should move to 1.4.2 before he will schedule the time. Do you have an improvements list or bug fix list or anything like that?

Thanks,

Paul C

On 01/12/2010, at 5:07 AM, Arshan Dabirsiaghi wrote:

> Please do field testing on a nightly build if you’re using AntiSamy and use/expect a lot of CDATA from your users. I’m looking to get validation from people that use it on crazy, programmatically generated CDATA (e.g., from MS Office products). We want to release 1.4.2 this week and our behavior around CDATA validation/sanitization has changed in both the SAX and DOM engines – hopefully for the better (and most definitely safer).
>  
> More details will be available later, but if you want to make sure it’s going to work the way you want, now is the time to speak up.
>  
> Thanks,
> Arshan
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20101201/950c4d63/attachment.html 


More information about the Owasp-antisamy mailing list