Remove URL length constraint

OWASP / java-html-sanitizer

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.

Other

834 stars 209 forks source link

Remove URL length constraint #287

Open ioleo opened 10 months ago

ioleo commented 10 months ago

Fix #187

The length of the input should not really be validated in sanitizer, rather the whole HTTP request body should be constrained. This PR removes the troublesome constraint.

jmanico commented 10 months ago

cc @mikesamuel ?

mikesamuel commented 6 months ago

Linked to SO thread on URL length limits in #187

csware commented 5 months ago

Maybe this should be configurable?