Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-5050

Disable AntiSamy's default formatOutput policy directive

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • XSS Protection API 1.0.4
    • XSS Protection API 1.0.6
    • Extensions
    • None

    Description

      By default AntiSamy enables the formatOutput policy directive [0], formatting markup sent to it. However this sometimes works against a developer's intention of outputting markup with Sightly.

      [0] - https://owaspantisamy.googlecode.com/files/Developer%20Guide.pdf

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. SLING-6959 XssProtection changes html semantic caused by formatting

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              radu Radu Cotescu
              radu Radu Cotescu
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: