Issue while using <script>alert("Hello")

OWASP / java-html-sanitizer

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.

Other

843 stars 213 forks source link

Issue while using <script>alert("Hello") #241

Open dhirajbadu opened 2 years ago

dhirajbadu commented 2 years ago

Hi,

String entryText = "" for this I am expecting "This is test 'Hello'"

Is it possible to achieve this?

spaffrath commented 2 years ago

The content of a script tag is not intended to be displayed on a webpage, rather it is intended to be executed. I believe the current behavior is deliberate and correct.