search

OWASP / java-html-sanitizer

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.
Other
849 stars 214 forks source link

Issues encountered while processing <a> tags #333

Open hw30026125 opened 5 months ago

hw30026125 commented 5 months ago

When I have the following table and hyperlink in my html code

```html
<table>
    <tr>
        <td>
            <a href="http://www.bing.com">
                <table>
                    <tbody>
                    <tr>
                        <td>
                            <a href="http://www.bing.com">11111</a>
                        </td>
                    </tr>
                    <tr>
                        <td>
                            <a href="http://www.bing.com">22222</a>
                        </td>
                    </tr>
                    </tbody>
                </table>
            </a>
        </td>
    </tr>
</table>
After the owasp processing, the code becomes like this:

````md
<table>
    <tbody>
        <tr>
            <td>
                <a href="http://www.bing.com">
                    <table>
                        <tbody>
                            <tr>
                                <td> </td>
                            </tr>
                        </tbody>
                    </table>
                </a>
                <a href="http://www.bing.com">11111</a>
            </td>
        </tr>
        <tr>
            <td>
                <a href="http://www.bing.com">22222</a>
            </td>
        </tr>
    </tbody>
</table>

The original layout of the table has changed. Is this a bug?