[Owasp-antisamy] .NET - AntiSamy.dll could not run scan method

thanh pham ngoc pnthanh80 at hotmail.com
Tue Sep 21 00:49:13 EDT 2010


I downloaded the code from google svn link, compiled the project to get AntiSamy.dll file, then I copied the AntiSamy.dll along with Flute.dll and HtmlAgilityPack.dll files to my web app's bin folder and used the ebay policy (antisamy-ebay-1.4.1.xml), however the scan method returned an error: Object reference not set to an instance of an object. See details below.

Here is my code:

Public Sub TestHTMLCode()
        Dim _policy As org.owasp.validator.html.Policy = Nothing
        Dim _cleanresult As org.owasp.validator.html.CleanResults = Nothing

        'get policy
        _policy = Org.owasp.validator.html.Policy.getInstance(Server.MapPath("antisamy-ebay-1.4.1.xml"))
        If Not _policy Is Nothing Then
            Response.Write("<br />has policy")
        End If

        Dim _antisamy As New Org.owasp.validator.html.AntiSamy

        Response.Write("<br />" & _antisamy.ToString())

        _cleanresult = _antisamy.scan(txtHTMLCode.Text.Trim, _policy)

        'Show error msg
        Dim i As Integer = 0
        For i = 0 To _cleanresult.getErrorMessages.Count - 1
            txtResult.Text = txtResult.Text & "Error " & i & ": " & _cleanresult.getErrorMessages(i) & ControlChars.CrLf

        'get clean html
        txtResult.Text = txtResult.Text & "Clean HTML: " & _cleanresult.getCleanHTML() & ControlChars.CrLf

        'Show scan time
        txtResult.Text = txtResult.Text & "Scan time: " & _cleanresult.getScanTime() & ControlChars.CrLf

    End Sub

Can you please help me. Thanks.
Server Error in '/' Application.

             Object reference not set to an instance of an object. 


             Description: An unhandled exception occurred during 
the execution of the current web request. Please review the stack trace 
for more information about the error and where it originated in the 


             Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.

            Source Error: 

                      Line 22:         Response.Write("<br />" & _antisamy.ToString())
Line 23: 
Line 24:         _cleanresult = _antisamy.scan(txtHTMLCode.Text.Trim, _policy)
Line 25: 
Line 26:         'Show error msg


Stack Trace: 

                      [NullReferenceException: Object reference not set to an instance of an object.]
   org.owasp.validator.html.Policy.getTagByName(String tagName) +9
   org.owasp.validator.html.scan.AntiSamyDOMScanner.recursiveValidateTag(HtmlNode node) +408
   org.owasp.validator.html.scan.AntiSamyDOMScanner.scan(String html, String inputEncoding, String outputEncoding) +478
   org.owasp.validator.html.AntiSamy.scan(String taintedHTML, Policy policy) +47
   test_security_xssme.TestHTMLCode() in C:\inetpub\wwwroot\test2.oztion.com.au\test\security\xssme.aspx.vb:24
   test_security_xssme.btnSubmit_Click(Object sender, EventArgs e) in C:\inetpub\wwwroot\test2.oztion.com.au\test\security\xssme.aspx.vb:46
   System.Web.UI.WebControls.Button.OnClick(EventArgs e) +111
   System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +110
   System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
   System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565


Thanh Pham

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20100921/5af22232/attachment.html 

More information about the Owasp-antisamy mailing list