Restrictions on policy IMAGES.


Johannes Lichtenberger

Jun 12, 2014, 3:48:45 AM
to owasp-java-html-...@googlegroups.com
Hello,

isn't the policy too restrictive, as it doesn't allow "%", "em", "px" and so on?

kind regards
Johannes

Johannes Lichtenberger

Jun 12, 2014, 6:13:03 AM
to owasp-java-html-...@googlegroups.com
Okay, I think it's always px!?

Mike Samuel

Jun 12, 2014, 8:15:10 AM
to owasp-java-html-...@googlegroups.com
I don't follow. If you're talking about <img height=... width=...>,
the ... is always "pixels"* because these were specced in HTML before
CSS existed.

* - http://www.quirksmode.org/blog/archives/2010/04/a_pixel_is_not.html

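The dimension handling discussed in this thread, as an added example that is not part of the thread or the project's own code: it runs the library's `Sanitizers.IMAGES` over constructed `<img>` tags, next to a hypothetical `LENIENT_IMAGES` policy that normalises a trailing `px` to the bare pixel count and drops other units. The class name, `PIXEL_COUNT`, `LENIENT_IMAGES`, the 1-4 digit limit and the sample URLs are assumptions made for the example.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.owasp.html.AttributePolicy;
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

public class ImgDimensionDemo {
  // Assumption for this example: 1-4 digits, optionally followed by "px".
  private static final Pattern PIXELS =
      Pattern.compile("\\A([0-9]{1,4})(?:px)?\\z");

  // Hypothetical attribute policy: <img width/height> are pixel counts, so
  // "120px" is rewritten to "120"; "50%", "10em" and non-numeric text are dropped.
  static final AttributePolicy PIXEL_COUNT = new AttributePolicy() {
    @Override
    public String apply(String elementName, String attributeName, String value) {
      Matcher m = PIXELS.matcher(value.trim());
      return m.matches() ? m.group(1) : null; // null removes the attribute
    }
  };

  // Hypothetical policy built with the library's HtmlPolicyBuilder.
  static final PolicyFactory LENIENT_IMAGES = new HtmlPolicyBuilder()
      .allowUrlProtocols("http", "https")
      .allowElements("img")
      .allowAttributes("alt", "src").onElements("img")
      .allowAttributes("height", "width").matching(PIXEL_COUNT).onElements("img")
      .toFactory();

  public static void main(String[] args) {
    // Constructed sample inputs covering the value forms raised in the thread.
    String[] samples = {
      "<img src=\"https://example.com/a.png\" width=\"120\" height=\"80\">",
      "<img src=\"https://example.com/a.png\" width=\"120px\" height=\"80px\">",
      "<img src=\"https://example.com/a.png\" width=\"50%\" height=\"10em\">",
      "<img src=\"https://example.com/a.png\" width=\"expression(alert(1))\">"
    };
    for (String html : samples) {
      System.out.println("input:   " + html);
      System.out.println("IMAGES:  " + Sanitizers.IMAGES.sanitize(html));
      System.out.println("lenient: " + LENIENT_IMAGES.sanitize(html));
      System.out.println();
    }
  }
}
```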