issues
search
OWASP
/
java-html-sanitizer
Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.
Other
834
stars
209
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
CSS 3 and 4 not supported
#242
lauralanwu
opened
2 years ago
1
Issue while using <script>alert("Hello")
#241
dhirajbadu
opened
2 years ago
1
Issue when using < as a the comparaison string
#240
adelebendayan
opened
2 years ago
2
Comments don't get removed if inside curly brackets
#239
matthiasunt
opened
2 years ago
1
Do not ignore attributes allowed globally together with 'style' (#237)
#238
corebonts
opened
2 years ago
2
Attributes allowed globally together with "style" are lost
#237
corebonts
opened
2 years ago
2
Overflow is sanitized
#236
Butanium
opened
2 years ago
8
HTML Comment Sanitization Issue
#235
log2akshat
opened
2 years ago
1
CSS grids not supported
#234
CGjupoulton
opened
2 years ago
4
How to give input to jar file and get the processed output?
#233
pr0t0nus3rxyz
closed
2 years ago
2
font-family sanitization issue
#232
jurajvalkucak
opened
3 years ago
1
Use HTML5 comment syntax instead of HTML4
#231
alelievre44
opened
3 years ago
7
Question: how to replace tag with another tag with inner text?
#230
IvanPizhenko
opened
3 years ago
9
Sanitizer wrongly quotes generic-named font-family CSS values
#229
voborl00
opened
3 years ago
5
text-decoration properties not supported
#228
myin142
opened
3 years ago
1
Bump guava from 27.1-jre to 29.0-jre in /parent
#227
dependabot[bot]
closed
3 years ago
1
Guava dependency has a CVE-2020-8908
#226
thinkingstone
closed
2 years ago
3
Proposed fix for issue #223: forbidden character references in sanitized html
#225
simon-greatrix
opened
3 years ago
4
PolicyFactory / fast copy constructor or method
#224
JohannesLichtenberger
opened
3 years ago
2
Forbidden numeric character references appear in sanitized HTML
#223
simon-greatrix
opened
3 years ago
6
Issue in replacemnt in url in achor tag href attr with html sanitization
#222
jrjena136
opened
3 years ago
3
check html special letter in StandardUrlAttributePolicy
#221
yangbongsoo
closed
3 years ago
2
is <plaintext> element required ??
#220
Sam2243
opened
3 years ago
1
Not able to sanitize html when plaintext tag is included
#219
manangurjar
opened
3 years ago
7
Fixed allowAtributes("style").globally()
#218
aakritisi
closed
3 years ago
2
Fix code formatting lint checks
#217
mikesamuel
closed
3 years ago
0
hsl() and hsla() preserved
#216
aakritisi
closed
3 years ago
3
Bump junit from 4.12 to 4.13.1 in /parent
#215
dependabot[bot]
closed
3 years ago
3
Edited CssSchema to preserve hsl() and hsla() functions
#214
aakritisi
closed
3 years ago
1
possible xss attack in StandardUrlAttributePolicy
#213
saaspeter
opened
3 years ago
3
hsl() is not a predefined default CSS function
#212
KirillMakrutin
closed
3 years ago
1
Expose StandardUrlAttributePolicy
#211
sdlin
closed
3 years ago
5
Create aboutAnonymousObject
#210
me-jyotii
closed
3 years ago
1
Nested lists get sanitised incorrectly
#209
pcelentano
opened
3 years ago
2
Font tag stripped when allowing old HTML formatting tags
#208
mcdobr
closed
3 years ago
6
Allow CSS variables in inline styles
#207
apottere
opened
4 years ago
5
Do not lcase element or attribute names that match SVG or MathML name…
#206
mikesamuel
closed
4 years ago
3
The sanitizer is removing HTML when the tag depth is more than 256 sanitizer removes the tags which actually has the content
#205
rasmitam
opened
4 years ago
5
about PolicyFactory.and(PolicyFactory f) job
#204
yangbongsoo
opened
4 years ago
5
add tag in safeName method in HtmlStreamRenderer
#203
yangbongsoo
opened
4 years ago
3
Naver corporation xss policy contribute
#202
yangbongsoo
closed
2 years ago
1
Use html.standard rules for when a semicolon is optional after `&name`
#201
mikesamuel
closed
4 years ago
1
Naver corporation xss policy contribute
#200
yangbongsoo
closed
2 years ago
0
Union policy skipIfEmpty value issue
#199
yangbongsoo
closed
4 years ago
2
'-' and '_' may be treated in plain letters.
#198
yangbongsoo
closed
4 years ago
3
Union policy skipIfEmpty value issue
#197
yangbongsoo
closed
4 years ago
3
Allow colspan attribute on td and th elements
#196
krische
opened
4 years ago
1
Allow colspan attribute on td and th elements in TABLES PolicyFactory
#195
krische
opened
4 years ago
2
Impossible to disallow text in elements
#194
eugine
opened
4 years ago
1
decoded html entities in href
#193
fr3akX
closed
4 years ago
1
Previous
Next