Issue with HTML Sanitization: Improper Handling of <div> Tag Inside <table>

[sumitkumar1110]

Hi, We are using the this library in Zimbra to sanitize customer-generated HTML content in emails. During this process, we encountered an issue where a

tag inside a tag causes improper sanitization. Specifically:

1. The sanitizer closes the

tag before the

tag and reopens it after the

.

The

tag does not close where it originally should; instead, it closes just before the end of the HTML document. It seems that the sanitizer uses a stack to manage tags and the

tag remains in the stack until all other tags are processed, causing it to close at the end of the document.

Before Sanitization `

</table>

`

After sanitization

`

Ważna uwaga dotycząca usługi: wsparcie dla sprzętu wygasło Numer konta: 1702669724

  <table><tbody><tr style="padding-top:0;padding-bottom:0"><td class="show-mobile-table-cell gmail-td-hide" style="padding-top:0;padding-bottom:0;display:none"><table class="show-mobile-table gmail-table-hide" align="center" border="0" cellpadding="0" cellspacing="0" style="width:100%;display:none"><tbody><tr><td class="show-mobile-table-cell pad-horiz-mobile gmail-td" colspan="2" style="display:none;background:#eee;color:#444;padding-top:20px;padding-bottom:20px;font-family:&#39;roboto&#39; , &#39;arial&#39; , sans-serif;font-size:20px;line-height:24px;font-weight:500;width:100%">Ważna uwaga dotycząca usługi: wsparcie dla sprzętu wygasło </td></tr><tr><td class="show-mobile-table-cell" valign="bottom" style="vertical-align:bottom;border-bottom:1px solid #01447c;padding-bottom:10px;padding-top:45px;padding-left:15px;display:none">
        <a href="https://urllink/path/sfasdfas" target="_blank" rel="nofollow noopener noreferrer"><img alt="new logo width="171" style="width:171px;display:block" border="0" dfsrc="https://images.com/LOGO_A.jpg" /></a>
  </td><td class="show-mobile-table-cell" valign="bottom" align="right" style="border-bottom:1px solid #01447c;vertical-align:bottom;color:#01447c;font-family:&#39;roboto&#39; , &#39;arial&#39; , sans-serif;font-size:12px;line-height:24px;font-weight:500;text-align:right;padding-top:0;padding-bottom:13px;padding-right:15px;display:none"><span class="link">Numer konta: 1702669724

`

At the end of the document the missing div tag is getting closed there's two div tag in the HTML document both get's closed at  end like this

` </div></div></td></tr></tbody></table>

`

In div tag we have a an attribute style="display:none" so if the div tag does not closes properly can cause contents of the body to not get displayed.

It will be great if someone can guide me on how to handle this situation or it can be considered as an enhancement or bugfix.

• © Githubissues.
• Githubissues is a development platform for aggregating issues.