java-html-sanitizer Issue when using < as a the comparaison string

Issue when using < as a the comparaison string

Open adelebendayan opened this issue 3 years ago • 2 comments

Hi, Is there a way to sanitize something like If b is 0 and a is 1 then b<a ? the sanitizer recognize <a as an html tag, and it looks like it's adding the closing tag and then it's going through the sanitizer, so something like

String entryText = "If b is 0 and a is 1 then b<a";
Policy policy = new HtmlPolicyBuilder().toFactory();
String result = policy.sanitize(entryText);

will return If b is 0 and a is 1 then b I'm expecting If b is 0 and a is 1 then b<a

(note that if the entry text is If b is 0 and a is 1 then b< a then the result is as expected If b is 0 and a is 1 then b< a)

Dec 20 '21 13:12 adelebendayan

If you have plain text, you might need not to sanitize (valid) HTML but to escape HTML special characters.

May 31 '23 14:05 csware

Duplicate of issue #173?

Jan 31 '24 09:01 csware

java-html-sanitizer java-html-sanitizer copied to clipboard

Issue when using < as a the comparaison string

java-html-sanitizer
java-html-sanitizer copied to clipboard