[owasp-antisamy] A couple of questions about upgrading

Jacob Coulter jacob.coulter at gmail.com
Fri Mar 22 13:03:31 UTC 2013


Thanks,

  I'll give it a try and report back!


On Fri, Mar 22, 2013 at 6:50 AM, Kristian Rosenvold
<kristian.rosenvold at gmail.com> wrote:
> You probably need to turn off html mangling, which seems to have been
> made default in 1.4.5 ;)
>
> The Policy.PRESERVE_SPACE setting is your friend.
>
> Kristian
>
>
>     @Test
>     public void testWhitespaceNotBeingMangled() throws ScanException,
> PolicyException {
>         String test = "<select name=\"name\"><option
> value=\"Something\">Something</select>";
>         String expected = "<select name=\"name\"><option
> value=\"Something\">Something</option></select>";
>         Policy preserveSpace = policy.cloneWithDirective(
> Policy.PRESERVE_SPACE, "true" );
>         CleanResults preserveSpaceResults = as.scan(test,
> preserveSpace, AntiSamy.SAX);
>         assertEquals( expected, preserveSpaceResults.getCleanHTML() );
>     }
>
>
> 2013/3/1 Jacob Coulter <jacob.coulter at gmail.com>:
>> We have a factory that creates an Antisamy (v 1.4.1) and were hoping
>> to upgrade to 1.5.1.  What happened to Antisamy.java's inputEncoding
>> and outputEncoding? How do we set the equivalent values to manage
>> these concerns now?
>>
>> Also, in several of our unit tests we are suddenly getting extra
>> spaces wherever we have nested tags.  For instance, after scanning the
>> string:  '<select name="name"><option
>> value="Something">Something</select>'  We now get : '<select
>> name="name"> <option value="Something">Something </select>'   Note the
>> 2 extra spaces between the tags and before the closing select.  (The
>> lack of closing option tag is not a pertinent part of this example.)
>>
>> The second issue doesn't seem to be causing pain, but it is
>> unexpected.  Anyone else notice this?
>>
>> Thanks,
>>
>>   Jacob
>> _______________________________________________
>> Owasp-antisamy mailing list
>> Owasp-antisamy at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-antisamy


More information about the Owasp-antisamy mailing list