Content in tags are shown encoded


Salman Khan

Jun 2, 2016, 8:22:37 AM
to OWASP Java HTML Sanitizer Support
Some content like @ ` is shown as encoded in tags like <p> or <a>. Is there a way to mention tags in which the content should not be encoded?

Thanks,
Salman

Salman Khan

Jun 2, 2016, 8:32:58 AM
to OWASP Java HTML Sanitizer Support
Another example for encoding is
<SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: 'Verdana','sans-serif'">Savings </SPAN> gets transformed to <span style="font-size:10pt;font-family:&#39;verdana&#39; ,">Savings </span>

Thanks,
Salman

Mike Samuel

Jun 4, 2016, 11:50:38 AM
to OWASP Java HTML Sanitizer Support

How is this a problem?


Mike Samuel

Jul 3, 2017, 10:39:00 AM
to kryaz...@gmail.com, OWASP Java HTML Sanitizer Support
On Mon, Jul 3, 2017 at 10:20 AM, <kryaz...@gmail.com> wrote:
> Hi, I'm trying to add Microsoft OCS links
>
> For example following link starts chat: <a
> href="im:<sip:alexa...@yk.com><sip:den...@yk.com>">group</a>
> but the output is encoded: <a
> href="im:[&lt;sip:alexander.x&#64;yk.com&gt;&lt;sip:denis.y&#64;yk.com&gt;]">group</a>
>
> &lt; , &#64; , &gt; is not a problem, but [ and ] is. Could you please
> advise

IIUC, you are actually seeing square brackets in the output?

What policy are you using?
Is it possible that a List is being implicitly coerced via
String.valueOf in a custom attribute handler?
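
The coercion asked about above, as an added illustration that is not part of the thread or the project's own code: a custom `href` handler that concatenates a `List` into the value picks up `[`, `]` and `, ` from `List.toString()`. The class name, the `recipients` helper, both policies and the sample addresses are hypothetical, and the sanitizer library is assumed to be on the classpath.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.owasp.html.AttributePolicy;
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;

public class ImLinkPolicyDemo {
  // Hypothetical helper: pulls each <sip:...> recipient out of an im: URL.
  static List<String> recipients(String href) {
    List<String> out = new ArrayList<>();
    Matcher m = Pattern.compile("<sip:[^<>]+>").matcher(href);
    while (m.find()) { out.add(m.group()); }
    return out;
  }

  // Buggy: "im:" + List goes through String.valueOf(list), i.e. the
  // collection's toString(), which adds [ ] and ", " around the elements.
  static final AttributePolicy COERCES_LIST =
      (elementName, attributeName, value) -> "im:" + recipients(value);

  // Fixed: join the elements explicitly so nothing extra is added.
  static final AttributePolicy JOINS_LIST =
      (elementName, attributeName, value) ->
          "im:" + String.join("", recipients(value));

  static PolicyFactory policyWith(AttributePolicy hrefPolicy) {
    return new HtmlPolicyBuilder()
        .allowElements("a")
        .allowUrlProtocols("im")
        .allowAttributes("href").matching(hrefPolicy).onElements("a")
        .toFactory();
  }

  public static void main(String[] args) {
    // Constructed input; the addresses are placeholders.
    String html = "<a href=\"im:<sip:user.one@example.com>"
        + "<sip:user.two@example.com>\">group</a>";
    System.out.println(policyWith(COERCES_LIST).sanitize(html));
    System.out.println(policyWith(JOINS_LIST).sanitize(html));
  }
}
```

Comparing the two printed lines shows whether brackets in an `href` come from the handler rather than from the sanitizer's entity encoding.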

kryaz...@gmail.com

Jul 3, 2017, 10:39:54 AM
to OWASP Java HTML Sanitizer Support, mikes...@gmail.com
Hi, I'm trying to add Microsoft OCS links

For example following link starts chat: <a href="im:<sip:alexa...@yk.com><sip:den...@yk.com>">group</a>
but the output is encoded: <a href="im:[&lt;sip:alexander.x&#64;yk.com&gt;&lt;sip:denis.y&#64;yk.com&gt;]">group</a>

&lt; ,  &#64; , &gt; is not a problem, but [ and ] is. Could you please advise

Thanks in advance


kryaz...@gmail.com

Jul 3, 2017, 11:53:20 AM
to OWASP Java HTML Sanitizer Support, kryaz...@gmail.com, mikes...@gmail.com
Mike, thx for quick reply!

Looks like a false alarm. Had to restart IDEA and now the square brackets are gone. Have no idea what happened. Will update you if I reproduce this again. Sorry!


On Monday, July 3, 2017 at 15:39:00 UTC+1, Mike Samuel wrote:
On Mon, Jul 3, 2017 at 10:20 AM,  <kryaz...@gmail.com> wrote:
> Hi, I'm trying to add Microsoft OCS links
>
> For example following link starts chat: <a
> href="im:<sip:ale...@yk.com><sip:d...@yk.com>">group</a>