csaf-tools/CVRF-CSAF-Converter

Encode HTML in JSON output

cgi1 opened this issue · 2 comments

cgi1 commented
  • CSAF producers SHOULD NOT emit messages that contain HTML, even though all variants of Markdown permit it. To include HTML, source code, or any other content that may be interpreted or executed by a CSAF consumer, e.g. to provide a proof-of-concept, the issuing party SHALL use Markdown's fenced code blocks or inline code option.

Source: Safety, Security, and Data Protection Considerations

A/C:

  • Check for HTML content in XML input
  • Encode the HTML input for the JSON output
  • Write CI/CD test case, where the encoding is checked for a sample file containing HTML

cgi1 commented

Valid encoding from TC is Markdown, so please just add a Markdown code block around it.

cgi1 commented

lower prio.
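
One way to meet the acceptance criteria with the Markdown code block approach discussed in this thread, as an added example that is not the converter's own code: it flags HTML-looking text in notes parsed from XML and wraps it in a fenced code block before JSON serialization, using a fence longer than any backtick run already in the text so the content cannot close the fence early. The function names, the tag heuristic, the output field names and the simplified namespace-free sample XML are assumptions.

```python
import json
import re
import xml.etree.ElementTree as ET

# Heuristic (assumption): an opening/closing tag or an HTML comment counts as HTML.
HTML_PATTERN = re.compile(r"</?[A-Za-z][^<>]*>|<!--")

# Constructed sample input: simplified CVRF-like fragment, not a real advisory.
SAMPLE_XML = """<DocumentNotes>
  <Note Title="Summary">Update to version 2.0 or later.</Note>
  <Note Title="PoC">Payload: &lt;script&gt;alert(1)&lt;/script&gt;</Note>
</DocumentNotes>"""


def contains_html(text: str) -> bool:
    """Return True if the (already XML-unescaped) text looks like it holds HTML."""
    return bool(HTML_PATTERN.search(text))


def fence_html(text: str) -> str:
    """Wrap HTML-bearing text in a Markdown fenced code block; leave other text as is."""
    if not contains_html(text):
        return text
    # The fence must be longer than any backtick run in the content,
    # otherwise a run inside the text could terminate the block.
    longest = max((len(run) for run in re.findall(r"`+", text)), default=0)
    fence = "`" * max(3, longest + 1)
    return f"{fence}\n{text.strip(chr(10))}\n{fence}"


def convert_notes(xml_text: str) -> str:
    """Parse the notes and emit JSON with HTML content fenced."""
    root = ET.fromstring(xml_text)
    notes = [
        {"title": note.get("Title"), "text": fence_html(note.text or "")}
        for note in root.iter("Note")
    ]
    # json.dumps handles JSON string escaping (quotes, newlines) of the fenced text.
    return json.dumps(notes, indent=2)


if __name__ == "__main__":
    print(convert_notes(SAMPLE_XML))
```

The same sample and assertions on the fenced output can serve as the CI/CD test case from the acceptance criteria.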