jason.johnson at owasp.org
Sun Feb 3 17:59:57 UTC 2013
I am aswell, is the .NET project still needing attention or is the MS
version superseded. We could improve on it?
On Feb 3, 2013 11:44 AM, "Jim Manico" <jim.manico at owasp.org> wrote:
> I'm very excited to see the AntiSamy projects recent update! Nice work,
> After over a year, version 1.5 is finally released!
> This version requires java 1.5.
> 1.5 promises to be significantly faster than previous releases; your
> mileage will vary anything from just some percent to a full 5 times faster,
> depending on use cases. A lot of attention has been put to typical "server"
> validation cases in this release.
> The DOM parser is still the fastest by a clear margin if you do a lot of
> parameter validation (short strings). If you additionally only use AntiSamy
> to avoid malicious data the DOM parser will be even faster if you avoid
> calling CleanResults#getCleanHTML
> We also fixed issue 133, 135, 147 & 121. Nekohtml has also been upgraded to
> avoid all sorts of interesting OOME's and
> stack overflows. Also, this version no longer depends on xercesImpl,
> avoiding a whole bunch of interesting conflicts.
> The internal interfaces have changed quite significantly; the external
> interfaces have very minor changes that should not affect most users.
> Enjoy !
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders