[ https://issues.apache.org/jira/browse/OFBIZ-12653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17556308#comment-17556308 ]
Jacques Le Roux commented on OFBIZ-12653: ----------------------------------------- After reading https://github.com/OWASP/java-html-sanitizer/issues/85 I conclude there are at least 2 solutions to this problem * https://github.com/Alex-D/Trumbowyg/issues/1283 * forcing <br> to <br /> on our side when passing the data to check The 2nd seems faster ;) > Sanitizer <br> fail > ------------------- > > Key: OFBIZ-12653 > URL: https://issues.apache.org/jira/browse/OFBIZ-12653 > Project: OFBiz > Issue Type: Improvement > Components: content > Affects Versions: Upcoming Branch > Reporter: Ingo Wolfmayr > Priority: Major > > I copied a text with multiple lines from a text editor into the Trumbowyg > Html field.The editor creates the Html structure using unclosed <br> elements. > Unfortunately the sanitizer logic just takes <br />. A security warning is > thrown and the content will not be stored. > Issue also a request on Trumbowyg request list: > [https://github.com/Alex-D/Trumbowyg/issues/1283] -- This message was sent by Atlassian Jira (v8.20.7#820007)