yangbongsoo
yangbongsoo
### 2. `allowElements` `disallowElements` case in PolicyFactory and method, ```java ... ElementAndAttributePolicies p = e.getValue(); ElementAndAttributePolicies q = f.policies.get(elName); if (q != null) { p = p.and(q); } else {...
### 2. `allowElements` `disallowElements` case I think again, The idea of changing the existing structure is in the wrong order. I tried to solve the problem by adding new fields...
### 3. `allowUrlProtocols` `disallowUrlProtocols` case in below test code, I set allowUrlprotocols(allow) to newPolicy only. ```java // beforePolicy : X // newPolicy : allow @Test public void testAllowUrlProtocol2() { PolicyFactory...
If I add tryJoinWith method likes below interface in AttributePolicy, StylingPolicy will affect. ```java /** An attribute policy that is joinable. */ static interface JoinableAttributePolicy extends AttributePolicy, Joinable { //...
@jmanico thank you. our team(in corporation) decide to use sanitizer. But I want to contribute to continuous development on sanitizer, not just use. I think this is truly open source...
in addition, below tags received warning by MDN. `frameset` : Deprecated. no longer recommended. `keygen` : Obsolete. try to avoid using it `big` : Obsolete. try to avoid using it...
hello I am sanitizer user. could you share your sanitizer policy?
@saaspeter Hello. I am sanitizer user. I tested what you mentioned. ```java @Test public void testIssue213() { PolicyFactory policyFactory = new HtmlPolicyBuilder() .allowElements("a") .allowStandardUrlProtocols() .allowAttributes("href", "target") .onElements("a") .toFactory(); String sanitize...
in HtmlSanitizer, `"="` tagBodyToken.type is QSTRING. and it doesn't have problem itself. but because of next `"` , tagBodyToken end value is your input string last length. so process was...