A Number Format Exception thrown by the batik CSS parser
(styleScanner.scanInlineStyle) is not handled for inline styles in DOM and
inline & embedded styles in SAX. This causes the cleaner to fail. The attached
patch fixes the issue.
What steps will reproduce the problem?
CASE1. parse the below content using DOM
<h2 style="color: #fff; background:#333; width:50&; text-align:left;
padding:5px;">Tarifa por persona</h2>
CASE2. parse the below content using SAX
<style>
body {
color: black;
font-family: Book Antiqua;
}
h1 {
color: red;
width: 50&;
}
CASE3. parse the below content using SAX
<h2 style="color: #fff; background:#333; width:50&; text-align:left;
padding:5px;">Tarifa por persona</h2>
What version of the product are you using? On what operating system?
product : antisamy 1.5.3
java : "1.6.0_24"
OS : ubuntu 12.04_LTS
Please provide any additional information below.
This issue was previously reported and fixed only for embedded style CSS using
DOM:
https://code.google.com/p/owaspantisamy/issues/detail?id=106
Original issue reported on code.google.com by begam.as...@gmail.com on 16 Jul 2015 at 5:15
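A regression check for the three cases in the report above, as an added example that is not part of the original report or the attached patch. It assumes the AntiSamy jar is on the classpath, that the path to a policy file permitting the style attribute and the style tag is passed as the first argument, and that CASE2's snippet ends with a closing </style> (the report's copy has none); the class and method names are hypothetical.

```java
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;

public class MalformedCssLengthCheck {
    // Inputs copied from the report. "width:50&" is the malformed value.
    static final String INLINE =
        "<h2 style=\"color: #fff; background:#333; width:50&; text-align:left; "
        + "padding:5px;\">Tarifa por persona</h2>";
    // Assumption: closing </style> added; the report's snippet lacks it.
    static final String EMBEDDED =
        "<style>\nbody {\ncolor: black;\nfont-family: Book Antiqua;\n}\n"
        + "h1 {\ncolor: red;\nwidth: 50&;\n}\n</style>";

    // Returns true when the scan finishes and hands back cleaned output,
    // false when any exception escapes the scanner.
    static boolean scanCompletes(AntiSamy as, Policy policy, String html,
                                 int scanType, String label) {
        try {
            CleanResults cr = as.scan(html, policy, scanType);
            System.out.println(label + ": completed, "
                + cr.getErrorMessages().size() + " error message(s)");
            System.out.println("  cleaned: " + cr.getCleanHTML());
            return true;
        } catch (Exception e) {
            // Covers checked scanner exceptions and runtime ones such as
            // NumberFormatException leaking out of the CSS handling.
            System.out.println(label + ": FAILED with " + e);
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        Policy policy = Policy.getInstance(args[0]); // path to your policy XML
        AntiSamy as = new AntiSamy();
        // Non-short-circuit & so every case runs even after a failure.
        boolean ok =
              scanCompletes(as, policy, INLINE, AntiSamy.DOM, "CASE1 inline/DOM")
            & scanCompletes(as, policy, EMBEDDED, AntiSamy.SAX, "CASE2 embedded/SAX")
            & scanCompletes(as, policy, INLINE, AntiSamy.SAX, "CASE3 inline/SAX");
        // Embedded/DOM is the case the report says issue 106 already fixed.
        ok &= scanCompletes(as, policy, EMBEDDED, AntiSamy.DOM, "embedded/DOM");
        System.exit(ok ? 0 : 1);
    }
}
```

A non-zero exit means at least one parser path still lets the exception escape instead of dropping the bad declaration, which matters because untrusted markup that aborts the cleaner is a denial-of-service input for any caller that does not catch it.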