[owasp-antisamy] Help with ignoring invalid attribute name in HTML Tag

Jim Manico jim at manico.net
Mon Feb 28 01:22:59 EST 2011


On 2/27/2011 7:54 PM, Chao Jiang wrote:
> An invalid or illegal XML character is specified

Instead of

instead of AntiSamy.scan(String, policy)

can you try

AntiSamy.scan(String,policy,AntiSamy.SAX)

instead?

This will default to SAX based XML parsing and should be a lot faster
(and may fix this issue).

- Jim


More information about the Owasp-antisamy mailing list