[owasp-antisamy] AntiSamy 1.5 released !

Kristian Rosenvold kristian.rosenvold at gmail.com
Tue Jan 29 07:32:25 UTC 2013


Updated the wiki.

Turns out I was wrong about xercesImpl; we actually still need it. nekohtml
pulls it in transitively so the maven maven pom for 1.5 is "correct".

If you manually set up deps, it's still required. Unsure if newer versions
of xercesImpl can be used

Kristian


2013/1/29 Robert Olofsson <unlogic at unlogic.se>

>  Good work, this sounds excellent!
>
> Is there an updated list of the dependencies available? (I noticed that
> the wiki page doesn't seem to be updated
> http://code.google.com/p/owaspantisamy/wiki/Dependencies)
>
> /Robert
>
> _______________________________________
> Robert Olofsson, Sweden
> http://www.unlogic.se
>
>   On 2013-01-29 07:37, Kristian Rosenvold wrote:
>
> After over a year, version 1.5 is finally released!
>
>  This version requires java 1.5.
>
>  1.5 promises to be significantly faster than previous releases; your
> mileage will vary anything from just some percent to a full 5 times faster,
> depending on use cases. A lot of attention has been put to typical "server"
> validation cases in this release.
>
>  The DOM parser is still the fastest by a clear margin if you do a lot of
> parameter validation (short strings). If you additionally only use AntiSamy
> to avoid malicious data the DOM parser will be even faster if you avoid
> calling CleanResults#getCleanHTML
>
>  We also fixed issue 133, 135, 147 & 121. Nekohtml has also been upgraded
> to avoid all sorts of interesting OOME's and
> stack overflows. Also, this version no longer depends on xercesImpl,
> avoiding a whole bunch of interesting conflicts.
>
>  The internal interfaces have changed quite significantly; the external
> interfaces have very minor changes that should not affect most users.
>
>  Enjoy !
>
>  Kristian
>
>
>
> _______________________________________________
> Owasp-antisamy mailing listOwasp-antisamy at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-antisamy
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-antisamy/attachments/20130129/6ab9afa5/attachment.html>


More information about the Owasp-antisamy mailing list