You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2022/06/20 09:29:00 UTC

[jira] [Commented] (OFBIZ-12653) Sanitizer
fail

    [ https://issues.apache.org/jira/browse/OFBIZ-12653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17556292#comment-17556292 ] 

Jacques Le Roux commented on OFBIZ-12653:
-----------------------------------------

Hi Ingo,

If I understand it right, reading https://developer.mozilla.org/en-US/docs/Web/HTML/Element/br and HTML specs at https://html.spec.whatwg.org/multipage/text-level-semantics.html#the-br-element <br> is OK for HTML, <br /> is needed by XHTML.

I'll have a look to see why 
bq. the sanitizer logic just takes <br />

> Sanitizer <br> fail
> -------------------
>
>                 Key: OFBIZ-12653
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12653
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: content
>    Affects Versions: Upcoming Branch
>            Reporter: Ingo Wolfmayr
>            Priority: Major
>
> I copied a text with multiple lines from a text editor into the Trumbowyg Html field.The editor creates the Html structure using unclosed <br> elements.
> Unfortunately the sanitizer logic just takes <br />. A security warning is thrown and the content will not be stored.
> Issue also a request on Trumbowyg request list:
> [https://github.com/Alex-D/Trumbowyg/issues/1283]



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Commented] (OFBIZ-12653) Sanitizer fail

[jira] [Commented] (OFBIZ-12653) Sanitizer
fail