Update on status of work on new ESAPI release to update to new AntiSamy 1.7.4 release

[Kevin W. Wall]

I ran into a roadblock on this that I'm trying to work through with the assistance of the AntiSamy team.

The simple update to AntiSamy 1.7.4 caused test failures in 3 existing tests where Validator.getValidSafeHTML returned different cleansed output (although it looks safe to me in all the cases).

I'm working through it, but the result seems unexpected by the AntiSamy folks.

-kevin

--

Blog: https://off-the-wall-security.blogspot.com/    | Twitter: @KevinWWall | OWASP ESAPI Project co-lead
NSA: All your crypto bit are belong to us.

[Kevin W. Wall]

Should anyone care to look at the AntiSamy related tests that are now failing in ESAPI, I have created a GitHub issue and a PR against AntiSamy so their development team can more easily analyze it.

For details, see:

https://github.com/nahsra/antisamy/issues/389

and

https://github.com/nahsra/antisamy/pull/388

-kevin