search

xiebiao / owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy
0 stars 0 forks source link

CSS Scanner gives extra format to inline styles. #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
If I give something like this to AntiSamy:

<p style="border: 3.0px;">hello</p>

It returns this:

<p style="    border: 3.0px;

">hello</p>"

It appends a tab before the "border" and appends the breakline after the
value. It shouldn't.

This is done in org\owasp\validator\css\CssHandler.java in the "property"
method in lines 471 and 482. If it's an inline value, it shouldn't append
those characters.

I attached the proposed fix.

Original issue reported on code.google.com by carlos.a...@gmail.com on 31 Jul 2008 at 11:30

Attachments:

GoogleCodeExporter commented 9 years ago 
We will look into it.

Original comment by arshan.d...@gmail.com on 7 Aug 2008 at 1:08

GoogleCodeExporter commented 9 years ago

Original comment by arshan.d...@gmail.com on 21 Nov 2008 at 6:17