[Owasp-antisamy] AntiSamy 1.4.1 released (into Maven!)

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Mon Jun 14 16:06:26 EDT 2010

By the way, for all you non-Maven folks, we deployed the new source,
binaries and policy files to the Google Code downloads page:








From: Arshan Dabirsiaghi 
Sent: Thursday, June 10, 2010 10:11 PM
To: owasp-antisamy at lists.owasp.org
Subject: AntiSamy 1.4.1 released (into Maven!)


We kind of skipped 1.4. Here are the highlights:


1. Full Maven support. Here's an example dependency:








2. SAX support:


Calls like AntiSamy.scan(String,Policy) become
AntiSamy.scan(String,Policy,AntiSamy.SAX). Default still uses DOM.
Consider the SAX version really promising but still 10% experimental.
All test cases pass, but security isn't all about test cases.


3. New directives:


validateParamAsEmbed - as discussed previously on this list. When set to
true, lets you validate <param> tags in ways you couldn't before.

noFollowAnchors - when set to true, adds a rel="nofollow" to anchor tags
that pass validation.


Details all on http://i8jesus.com/?p=112. As always, we appreciate your
feedback, bug reports, and patches.




-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20100614/57c18786/attachment.html 

More information about the Owasp-antisamy mailing list