[owasp-antisamy] Help with ignoring invalid attribute name in HTML Tag

Chao Jiang Chao.Jiang at anu.edu.au
Mon Feb 28 16:41:35 EST 2011


I cannot try
AntiSamy.scan(String,policy,AntiSamy.SAX)

Because I am using version 1.4 which doesn't support the new static
method.

By the way I tried the dependency setting for POM file, it doesn't
work(cannot find the jar file), so is there a new version available in
Maven repository?
<dependency>
    <groupId>org.owasp.antisamy</groupId>
    <artifactId>antisamy-project</artifactId>
    <version>1.4.3</version>
</dependency>

Thanks a lot.
Chao

-----Original Message-----
From: Jim Manico [mailto:jim at manico.net] 
Sent: Monday, 28 February 2011 5:23 PM
To: Chao Jiang
Cc: owasp-antisamy at lists.owasp.org
Subject: Re: [owasp-antisamy] Help with ignoring invalid attribute name
in HTML Tag

On 2/27/2011 7:54 PM, Chao Jiang wrote:
> An invalid or illegal XML character is specified

Instead of

instead of AntiSamy.scan(String, policy)

can you try

AntiSamy.scan(String,policy,AntiSamy.SAX)

instead?

This will default to SAX based XML parsing and should be a lot faster
(and may fix this issue).

- Jim


More information about the Owasp-antisamy mailing list