[owasp-antisamy] AntiSamy 1.5 released !

Dan Rabe dan.rabe at oracle.com
Wed Apr 3 20:01:49 UTC 2013


I see there is now a NekoHTML 1.9.18 as well. Any idea if it works with 
AntiSamy?
Thanks,
--Dan
/The views expressed in this email are my own and do not necessarily 
reflect the views of Oracle./*
*
On 2/7/2013 12:49 PM, Dan Rabe wrote:
> Why was NekoHTML upgraded only to 1.9.16? The git checkin comment says 
> "1.9.17 doesn't work", but doesn't provide any other details.
>
> Thanks,
> --Dan*
> */The views expressed in this email are my own and do not necessarily 
> reflect the views of Oracle./*
> *
> On 1/28/2013 11:37 PM, Kristian Rosenvold wrote:
>> After over a year, version 1.5 is finally released!
>>
>> This version requires java 1.5.
>>
>> 1.5 promises to be significantly faster than previous releases; your 
>> mileage will vary anything from just some percent to a full 5 times 
>> faster, depending on use cases. A lot of attention has been put to 
>> typical "server" validation cases in this release.
>>
>> The DOM parser is still the fastest by a clear margin if you do a lot 
>> of parameter validation (short strings). If you additionally only use 
>> AntiSamy to avoid malicious data the DOM parser will be even faster 
>> if you avoid calling CleanResults#getCleanHTML
>>
>> We also fixed issue 133, 135, 147 & 121. Nekohtml has also been 
>> upgraded to avoid all sorts of interesting OOME's and
>> stack overflows. Also, this version no longer depends on xercesImpl, 
>> avoiding a whole bunch of interesting conflicts.
>>
>> The internal interfaces have changed quite significantly; the 
>> external interfaces have very minor changes that should not affect 
>> most users.
>>
>> Enjoy !
>>
>> Kristian
>>
>>
>>
>> _______________________________________________
>> Owasp-antisamy mailing list
>> Owasp-antisamy at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-antisamy
>
>
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-antisamy/attachments/20130403/bba0e242/attachment.html>


More information about the Owasp-antisamy mailing list