[Owasp-antisamy] .NET - AntiSamy.dll could not run scan method

thanh pham ngoc pnthanh80 at hotmail.com
Tue Sep 21 00:49:13 EDT 2010


Hello,

I downloaded the code from google svn link, compiled the project to get AntiSamy.dll file, then I copied the AntiSamy.dll along with Flute.dll and HtmlAgilityPack.dll files to my web app's bin folder and used the ebay policy (antisamy-ebay-1.4.1.xml), however the scan method returned an error: Object reference not set to an instance of an object. See details below.

Here is my code:


Public Sub TestHTMLCode()
        Dim _policy As org.owasp.validator.html.Policy = Nothing
        Dim _cleanresult As org.owasp.validator.html.CleanResults = Nothing

        'get policy
        _policy = Org.owasp.validator.html.Policy.getInstance(Server.MapPath("antisamy-ebay-1.4.1.xml"))
        If Not _policy Is Nothing Then
            Response.Write("<br />has policy")
        End If

        Dim _antisamy As New Org.owasp.validator.html.AntiSamy

        Response.Write("<br />" & _antisamy.ToString())

        _cleanresult = _antisamy.scan(txtHTMLCode.Text.Trim, _policy)

        'Show error msg
        Dim i As Integer = 0
        For i = 0 To _cleanresult.getErrorMessages.Count - 1
            txtResult.Text = txtResult.Text & "Error " & i & ": " & _cleanresult.getErrorMessages(i) & ControlChars.CrLf
        Next

        'get clean html
        txtResult.Text = txtResult.Text & "Clean HTML: " & _cleanresult.getCleanHTML() & ControlChars.CrLf

        'Show scan time
        txtResult.Text = txtResult.Text & "Scan time: " & _cleanresult.getScanTime() & ControlChars.CrLf

    End Sub

Can you please help me. Thanks.
Server Error in '/' Application.

             Object reference not set to an instance of an object. 

            

             Description: An unhandled exception occurred during 
the execution of the current web request. Please review the stack trace 
for more information about the error and where it originated in the 
code.

            



             Exception Details: System.NullReferenceException: Object reference not set to an instance of an object.



            Source Error: 



            
               
                  
                      Line 22:         Response.Write("<br />" & _antisamy.ToString())
Line 23: 
Line 24:         _cleanresult = _antisamy.scan(txtHTMLCode.Text.Trim, _policy)
Line 25: 
Line 26:         'Show error msg

                  
               
            

            
Stack Trace: 



            
               
                  
                      [NullReferenceException: Object reference not set to an instance of an object.]
   org.owasp.validator.html.Policy.getTagByName(String tagName) +9
   org.owasp.validator.html.scan.AntiSamyDOMScanner.recursiveValidateTag(HtmlNode node) +408
   org.owasp.validator.html.scan.AntiSamyDOMScanner.scan(String html, String inputEncoding, String outputEncoding) +478
   org.owasp.validator.html.AntiSamy.scan(String taintedHTML, Policy policy) +47
   test_security_xssme.TestHTMLCode() in C:\inetpub\wwwroot\test2.oztion.com.au\test\security\xssme.aspx.vb:24
   test_security_xssme.btnSubmit_Click(Object sender, EventArgs e) in C:\inetpub\wwwroot\test2.oztion.com.au\test\security\xssme.aspx.vb:46
   System.Web.UI.WebControls.Button.OnClick(EventArgs e) +111
   System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +110
   System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
   System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565

Regards,



Thanh Pham

 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20100921/5af22232/attachment.html 


More information about the Owasp-antisamy mailing list