[ https://issues.apache.org/jira/browse/SLING-7476?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16355621#comment-16355621 ]
Tobias Bocanegra commented on SLING-7476: ----------------------------------------- well, this is a limitation of the underlying library, which can't be configured via OSGi config. I'm ok with that, since it's insane to have such long strings :-) but the error is a bit misleading. I would expect: - either an IllegalArgumentException that explains why it fails - or better, the text being truncated to the limit. > XSSAPI.filterHTML() fails if source > 200k > ------------------------------------------ > > Key: SLING-7476 > URL: https://issues.apache.org/jira/browse/SLING-7476 > Project: Sling > Issue Type: Bug > Components: XSS Protection API > Affects Versions: XSS Protection API 2.0.4 > Reporter: Tobias Bocanegra > Priority: Major > > when filtering a source that is larger than 200k, the xss api fails with: > {noformat} > java.lang.RuntimeException: Unable to scan input > at > org.apache.sling.xss.impl.HtmlToHtmlContentContext.filter(HtmlToHtmlContentContext.java:73) > at > org.apache.sling.xss.impl.XSSFilterImpl.filter(XSSFilterImpl.java:190) > at > org.apache.sling.xss.impl.XSSFilterImpl.filter(XSSFilterImpl.java:123) > at org.apache.sling.xss.impl.XSSAPIImpl.filterHTML(XSSAPIImpl.java:466) > at > org.apache.sling.xss.impl.XSSAPIImplTest.testFilterLargeHTML(XSSAPIImplTest.java:223) > {noformat} > Test: > {code} > @Test > public void testFilterLargeHTML() { > final int SIZE = 210000; > StringBuilder b = new StringBuilder(SIZE); > while (b.length() < SIZE) { > b.append("Lorem ipsum dolor sit amet, consectetur adipiscing > elit. Donec at enim et dui egestas accumsan amet."); > } > String source = b.toString(); > TestCase.assertEquals("Filtering large source", source, > xssAPI.filterHTML(source)); > } > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)