Error sanitizing with --> in <script> tag

OWASP / java-html-sanitizer

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.

Other

847 stars 213 forks source link

Closed jvbrandis closed 6 years ago

jvbrandis commented 6 years ago

There seems to be a bug in the sanitizer when sanitizing script tags which contains a HTML comment end tag.

We generate a JSON blob which is inserted into a Githubissues.

Githubissues is a development platform for aggregating issues.