<a href =" ftp://test.com"> FTP link</a> (space befor the URL)Result: FTP linkIf Input is<a href = \"ftp://test.com\"> FTP link1</a> (space after href= )Result:FTP link1The issue is not see when the link has http
Input : <a href=" http://link.com" >link1</a>Result : <a href="http://link.com">link1</a>Input:<a href= "http://link.com" >link11</a>Result:<a href="http://link.com">link11</a>
--
You received this message because you are subscribed to the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
On Wed, Feb 7, 2018 at 5:29 AM, Rasmita Mahapatra <rasm...@gmail.com> wrote:<a href =" ftp://test.com"> FTP link</a> (space befor the URL)Result: FTP linkIf Input is<a href = \"ftp://test.com\"> FTP link1</a> (space after href= )Result:FTP link1The issue is not see when the link has httpDoes your policy allow ftp: URLs?
On Wednesday, February 7, 2018 at 7:35:13 PM UTC+5:30, Mike Samuel wrote:On Wed, Feb 7, 2018 at 5:29 AM, Rasmita Mahapatra <rasm...@gmail.com> wrote:<a href =" ftp://test.com"> FTP link</a> (space befor the URL)Result: FTP linkIf Input is<a href = \"ftp://test.com\"> FTP link1</a> (space after href= )Result:FTP link1The issue is not see when the link has httpDoes your policy allow ftp: URLs?No, its not supported.
On Feb 16, 2018 3:03 AM, "Rasmita Mahapatra" <rasm...@gmail.com> wrote:
On Wednesday, February 7, 2018 at 7:35:13 PM UTC+5:30, Mike Samuel wrote:On Wed, Feb 7, 2018 at 5:29 AM, Rasmita Mahapatra <rasm...@gmail.com> wrote:<a href =" ftp://test.com"> FTP link</a> (space befor the URL)Result: FTP linkIf Input is<a href = \"ftp://test.com\"> FTP link1</a> (space after href= )Result:FTP link1The issue is not see when the link has httpDoes your policy allow ftp: URLs?No, its not supported.That's probably why ftp URLs are being stripped.