Tobias Bocanegra created SLING-7476:
---------------------------------------
Summary: XSSAPI.filterHTML() fails if source > 200k
Key: SLING-7476
URL: https://issues.apache.org/jira/browse/SLING-7476
Project: Sling
Issue Type: Bug
Components: XSS Protection API
Affects Versions: XSS Protection API 2.0.4
Reporter: Tobias Bocanegra
when filtering a source that is larger than 200k, the xss api fails with:
{noformat}
java.lang.RuntimeException: Unable to scan input
at
org.apache.sling.xss.impl.HtmlToHtmlContentContext.filter(HtmlToHtmlContentContext.java:73)
at
org.apache.sling.xss.impl.XSSFilterImpl.filter(XSSFilterImpl.java:190)
at
org.apache.sling.xss.impl.XSSFilterImpl.filter(XSSFilterImpl.java:123)
at org.apache.sling.xss.impl.XSSAPIImpl.filterHTML(XSSAPIImpl.java:466)
at
org.apache.sling.xss.impl.XSSAPIImplTest.testFilterLargeHTML(XSSAPIImplTest.java:223)
{noformat}
Test:
{code}
@Test
public void testFilterLargeHTML() {
final int SIZE = 210000;
StringBuilder b = new StringBuilder(SIZE);
while (b.length() < SIZE) {
b.append("Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Donec at enim et dui egestas accumsan amet.");
}
String source = b.toString();
TestCase.assertEquals("Filtering large source", source,
xssAPI.filterHTML(source));
}
{code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
