OWASP/java-html-sanitizer

Issues

• ClassNotFoundException: org.owasp.shim.Java8Shim after update to 20240325.1

  #329 opened 9 months ago by veita
  6

• Java8 Fallback is not working

  #349 opened 2 months ago by katta524
  1

• How to add new possible values(props) for existing DEFAULT css properties.

  #264 opened 3 years ago by lakshmisagar-as
  1

• CVE-2011-4457

  #348 opened 3 months ago by gulcher
  1

• On Java8Shim class, better to catch Throwable instead of Error

  #338 opened 8 months ago by JuanMiguelBG-Ticarum
  1

• Issue in 2024x version with styles

  #331 opened 9 months ago by subbudvk
  2

• "&times" word in html changes to ×

  #345 opened 4 months ago by kkiro-coder
  0

• Issue with HTML Sanitization: Improper Handling of <div> Tag Inside <table>

  #342 opened 6 months ago by sumitkumar1110
  0

• Please build the Java8/10 shim classes into the sanitizer JAR

  #341 opened 6 months ago by jlczuk
  0

• text-align literals are outdated

  #340 opened 7 months ago by DeepSnowNeeL
  0

• Clarify which BSD license applies

  #271 opened 2 years ago by lcoller
  1

• Licensing issue: BSD-3-Clause or BSD-2-Clause?

  #288 opened a year ago by stefan-hdt
  1

• Possible to enforce having mutliple attributes on tag?

  #337 opened 8 months ago by tom-mayer
  0

• rel attributes are reordered in 20220608.1

  #336 opened 9 months ago by damianszczepanik
  0

• Issues encountered while processing <a> tags

  #333 opened 9 months ago by hw30026125
  0

• Question: What means Recognize foreign content syntactic context: mathml / svg?

  #332 opened 9 months ago by RyosukeFukatani
  0

• Release 20240325 cannot be transpiled

  #330 opened 9 months ago by chris-moon
  1

• Guava removal breaks compatibility (with JDK9)

  #301 opened 9 months ago by csware
  13

• Sanitizing CSS

  #323 opened a year ago by subbudvk
  3

• Encoding malicious code instead of removing it

  #298 opened a year ago by bmscodespace
  4

• noopener noreferrer getting added every time even if "noopener noreferrer" already exist

  #280 opened 2 years ago by anupamamanish
  4

• Vulnerable dependency guava:30.1.jre

  #286 opened a year ago by aschufft
  3

• Discrepancies of results when sanitizing allowed tags

  #260 opened 3 years ago by Pamplemousse
  2

• CSS property `overflow-wrap` not included in CssSchema definition list

  #290 opened a year ago by kfritz
  0

• Html sanitizer repeatedly adds rel="noopener noreferrer" even if it's pre-exist

  #306 opened a year ago by anudhuri23
  1

• Index out of bound when empty list is passed to `allowAttributes(...).globally()`

  #300 opened a year ago by 1003n40
  0

• Remove malicious code from svg content

  #296 opened a year ago by mantri-mounika
  1

• <span> elements get removed even when allowed by the policy

  #283 opened 2 years ago by kocakosm
  2

• SECURITY.MD currently does not contain sensible information

  #309 opened a year ago by csware
  0

• xxx-large font-size is discarded when allowStyling() is used

  #291 opened a year ago by Ashish-Singh-B
  6

• bug: closing tag for </html> misplaced

  #285 opened 2 years ago by woodpexer
  1

• Stroke and stroke-width are considered invalid

  #265 opened 3 years ago by mb34890
  1

• Extra characters got added during sanitization of html

  #262 opened 3 years ago by arpitbansal1581
  1

• Behaviour with malformed HTML Input

  #278 opened a year ago by subbudvk
  0

• Issue while disallowing attributes matching pattern

  #292 opened a year ago by subbudvk
  0

• Sanitizer converting font names in 'style' attribute value to lower case

  #289 opened a year ago by anupbhore
  0

• "<" symbol with text inputs getting cleared, after applied the sanitize

  #276 opened 2 years ago by SasiprabuK
  3

• org.springframework.web.multipart.support.MissingServletRequestPartException: Required request part 'issueModel' is not present

  #281 opened 2 years ago by bhargavivuttaravilli123
  1

• How to customize the policy after defining the policy.

  #279 opened 2 years ago by zubairkhan1133
  0

• Question: How to not escape characters in plain text

  #269 opened 2 years ago by kennytv
  0

• independent attribute auto add value

  #277 opened 2 years ago by iloveuaa
  0

• Allow disabling the default attribute guards from HtmlPolicyBuilder

  #275 opened 2 years ago by rombert
  0

• Encoding.encodeHtmlAttribOnto visibility

  #273 opened 2 years ago by ihass
  0

• Sanitizing embedded css classes

  #268 opened 3 years ago by ragcrix
  1

• Incorrect escaping for inline svg+xml data image

  #270 opened 2 years ago by brsyuksel
  0

• Stripping off the contents when the extra comment tag has added with never ending

  #258 opened 3 years ago by rupeshtelus
  3

• tel URIs: Incorrect escaping due to missing RFC 3966 "tel:" URI syntax support/parsing

  #263 opened 3 years ago by jmiserez
  0

• Extra characters got added during sanitization of html

  #261 opened 3 years ago by arpitbansal1581
  2

• float in style attribute will be remove when using allowStyling()

  #259 opened 3 years ago by Sanan33
  0

• Content after script tag completely deleted?

  #257 opened 3 years ago by spyro2000
  1