[owasp-antisamy] A couple of questions about upgrading
Kristian Rosenvold
kristian.rosenvold at gmail.com
Fri Mar 22 11:50:09 UTC 2013
You probably need to turn off html mangling, which seems to have been
made default in 1.4.5 ;)
The Policy.PRESERVE_SPACE setting is your friend.
Kristian
@Test
public void testWhitespaceNotBeingMangled() throws ScanException,
PolicyException {
String test = "<select name=\"name\"><option
value=\"Something\">Something</select>";
String expected = "<select name=\"name\"><option
value=\"Something\">Something</option></select>";
Policy preserveSpace = policy.cloneWithDirective(
Policy.PRESERVE_SPACE, "true" );
CleanResults preserveSpaceResults = as.scan(test,
preserveSpace, AntiSamy.SAX);
assertEquals( expected, preserveSpaceResults.getCleanHTML() );
}
2013/3/1 Jacob Coulter <jacob.coulter at gmail.com>:
> We have a factory that creates an Antisamy (v 1.4.1) and were hoping
> to upgrade to 1.5.1. What happened to Antisamy.java's inputEncoding
> and outputEncoding? How do we set the equivalent values to manage
> these concerns now?
>
> Also, in several of our unit tests we are suddenly getting extra
> spaces wherever we have nested tags. For instance, after scanning the
> string: '<select name="name"><option
> value="Something">Something</select>' We now get : '<select
> name="name"> <option value="Something">Something </select>' Note the
> 2 extra spaces between the tags and before the closing select. (The
> lack of closing option tag is not a pertinent part of this example.)
>
> The second issue doesn't seem to be causing pain, but it is
> unexpected. Anyone else notice this?
>
> Thanks,
>
> Jacob
> _______________________________________________
> Owasp-antisamy mailing list
> Owasp-antisamy at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-antisamy
More information about the Owasp-antisamy
mailing list