[
https://issues.apache.org/jira/browse/OFBIZ-12653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17556308#comment-17556308
]
Jacques Le Roux commented on OFBIZ-12653:
-----------------------------------------
After reading https://github.com/OWASP/java-html-sanitizer/issues/85 I conclude
there are at least 2 solutions to this problem
* https://github.com/Alex-D/Trumbowyg/issues/1283
* forcing <br> to <br /> on our side when passing the data to check
The 2nd seems faster ;)
> Sanitizer <br> fail
> -------------------
>
> Key: OFBIZ-12653
> URL: https://issues.apache.org/jira/browse/OFBIZ-12653
> Project: OFBiz
> Issue Type: Improvement
> Components: content
> Affects Versions: Upcoming Branch
> Reporter: Ingo Wolfmayr
> Priority: Major
>
> I copied a text with multiple lines from a text editor into the Trumbowyg
> Html field.The editor creates the Html structure using unclosed <br> elements.
> Unfortunately the sanitizer logic just takes <br />. A security warning is
> thrown and the content will not be stored.
> Issue also a request on Trumbowyg request list:
> [https://github.com/Alex-D/Trumbowyg/issues/1283]
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
