How is this causing problems?
--
You received this message because you are subscribed to the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Same question for you, kmenzli, how is this causing problems?
--
khemais menzli / PreSales Director
kme...@exoplatform.com / (216) 28 71 47 24
eXo Platform
Tunisia
http://www.exoplatform.com
This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, or contain viruses. Anyone who communicates with us by e-mail is deemed to have accepted these risks. eXoPlatform is not responsible for errors or omissions in this message and denies any responsibility for any damage arising from the use of e-mail. Any opinion and other statement contained in this message and any attachment are solely those of the author and do not necessarily represent those of the company.
--
You received this message because you are subscribed to a topic in the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/owasp-java-html-sanitizer-support/ZpcCZdx6bUE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.
This is not a problem from what Mike and I see. If you are using
the library properly - for sanitizing and rendering untrusted HTML
in a browser -then the HTML encoded special characters will
display properly.
I am still concerned about your issue. I don't understand why an encoded special character is a problem for you. What browser are you using? What does the *rendered* HTML look like?
Removing the special character encoding will weaken the security properties of this library, so it's almost certainly not going to happen... :(
Respectfully, Jim--
You received this message because you are subscribed to the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-saniti...@googlegroups.com.
khemais menzli / PreSales Director
kme...@exoplatform.com / (216) 28 71 47 24
eXo Platform
Tunisia
http://www.exoplatform.com
This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, or contain viruses. Anyone who communicates with us by e-mail is deemed to have accepted these risks. eXoPlatform is not responsible for errors or omissions in this message and denies any responsibility for any damage arising from the use of e-mail. Any opinion and other statement contained in this message and any attachment are solely those of the author and do not necessarily represent those of the company.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/owasp-java-html-sanitizer-support/ZpcCZdx6bUE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.
Yes you have to disable escaping in Groovy for the variable that contains the HTML you want to render. Here is a discussion of the details...
http://justthesam.com/2010/06/grails-gsp-html-escaping-confusion/
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-saniti...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
-- Jim Manico Manicode Security https://www.manicode.com
khemais menzli / PreSales Director
kme...@exoplatform.com / (216) 28 71 47 24
eXo Platform
Tunisia
http://www.exoplatform.com
This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, or contain viruses. Anyone who communicates with us by e-mail is deemed to have accepted these risks. eXoPlatform is not responsible for errors or omissions in this message and denies any responsibility for any damage arising from the use of e-mail. Any opinion and other statement contained in this message and any attachment are solely those of the author and do not necessarily represent those of the company.
-- Jim Manico Manicode Security https://www.manicode.com--
khemais menzli / PreSales Director
kme...@exoplatform.com / (216) 28 71 47 24
eXo Platform
Tunisia
http://www.exoplatform.com
This e-mail message may contain confidential or legally privileged information and is intended only for the use of the intended recipient(s). Any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is prohibited. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, or contain viruses. Anyone who communicates with us by e-mail is deemed to have accepted these risks. eXoPlatform is not responsible for errors or omissions in this message and denies any responsibility for any damage arising from the use of e-mail. Any opinion and other statement contained in this message and any attachment are solely those of the author and do not necessarily represent those of the company.
This is a Groovy issue. In order to display HTML in Groovy you need to disable the encoding for that variable.
- Jim
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-saniti...@googlegroups.com.