dqw / owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy

Antisamy is replacing '&' character to '&amp;' #54

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Enter text 'Hello&Bye'
2. Antisamy replaces the '&' character in the input string
3.

What is the expected output? What do you see instead?
Expected Output - 'Hello&Bye'
Actual Output - 'Hello&amp;Bye'

What version of the product are you using? On what operating system?
antisamy1.3, Windows XP

Please provide any additional information below.

Original issue reported on code.google.com by rajat...@gmail.com on 1 Oct 2009 at 12:09

GoogleCodeExporter commented 8 years ago
Thanks for the report. Unfortunately, I don't think I can justify outputting known
erroneous data. Use of the ampersand entity should have zero effect on the display of
the data. Can you elaborate on why this is a problem? Your use case may inspire me.

Original comment by arshan.d...@gmail.com on 15 Oct 2009 at 3:47

GoogleCodeExporter commented 8 years ago

Original comment by arshan.d...@gmail.com on 24 Nov 2009 at 3:23

GoogleCodeExporter commented 8 years ago
In my application, we store the data entered by the user (after validating with
antisamy) in the DB, and then when we display it back, the user sees '&amp;' instead
of '&', which looks bad in the UI (as the data is populated from DB).

If this could be configurable that would be of great advantage.
One more thing, I couldn't find details about the policy file anywhere.

Original comment by rajat...@gmail.com on 24 Nov 2009 at 3:52
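
Added example, not part of the original thread or of the AntiSamy project: a Python sketch of when a stored `&amp;` displays as `&` (the "zero effect" case above) and when the entity itself becomes visible. `sanitize_stub` is a constructed stand-in that models only the entity encoding reported in this issue, and the four output paths are assumptions about how an application might display the stored value.

```python
import html
from html.parser import HTMLParser


class _VisibleText(HTMLParser):
    """Collects the text a browser would show, with character references decoded."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []

    def handle_data(self, data):
        self.parts.append(data)


def displayed_text(markup):
    """Visible text of an HTML fragment once it is parsed as HTML."""
    parser = _VisibleText()
    parser.feed(markup)
    parser.close()
    return "".join(parser.parts)


def sanitize_stub(user_input):
    """Constructed stand-in: entity-encodes '&', '<', '>' in text; no policy or tag filtering."""
    return html.escape(user_input, quote=False)


def render_paths(user_input):
    """What the user sees on each (assumed) output path for the stored value."""
    stored = sanitize_stub(user_input)  # value written to the DB
    return {
        "raw_html": displayed_text(stored),  # written into the page as markup
        "escaped_again": displayed_text(html.escape(stored, quote=False)),  # template escapes on output
        "plain_text": stored,  # non-HTML sink (CSV export, e-mail body, value set via script)
        "decoded_for_text": html.unescape(stored),  # decoded first, for a non-HTML sink only
    }


def mismatching_paths(user_input):
    """Output paths on which the user sees something other than what was typed."""
    shown = render_paths(user_input)
    return sorted(name for name, text in shown.items() if text != user_input)


if __name__ == "__main__":
    print(render_paths("Hello&Bye"))
    print(mismatching_paths("Hello&Bye"))
```

The decoded form belongs only in non-HTML sinks; written back into a page, it would be parsed as markup again.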

GoogleCodeExporter commented 8 years ago
Hi Guys,

This is a real issue for us as well. Is there no workaround for this?

Thanks

Original comment by prashant...@pixalsoft.com on 22 Dec 2012 at 5:57