java-html-sanitizer icon indicating copy to clipboard operation
java-html-sanitizer copied to clipboard

Published 20 hours ago verified publisher icon OWASP

Don't Support <![CDATA[ ]]>

Open jimmyleeeeee opened this issue 3 years ago • 0 comments

  • any input that causes the problem :
  • The default policy: EbayPolicyExample
  • the output you expect:

The exmaple Code: String html = ""; String expected = ""; SanitizedResult result =org.owasp.html.HtmlSanitizer.sanitize(html, hcr.getWrappedPolicy()); assertEquals(expected, result.getCleanHTML());

In my case, the input with CDATA is OK. But, after Sanitizer, the output data is empty. Is it possible to support CDATA?

jimmyleeeeee avatar Jan 24 '22 02:01 jimmyleeeeee