[
https://issues.apache.org/jira/browse/OFBIZ-12653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17894884#comment-17894884
]
Jacques Le Roux edited comment on OFBIZ-12653 at 11/2/24 7:20 AM:
------------------------------------------------------------------
To be quite clear, it's the same with Wiebke's patch or not. So with it there
is no regression and the code is cleaner => +1 for it.
So far, to have HTML code there it must be loaded from data.
was (Author: jacques.le.roux):
To be quite clear, it's the same with Wiebke's patch or not. So with it there
is no regression and the code is cleaner => 1 for it.
So far, to have HTML code there it must be loaded from data.
> Sanitizer <br> fail
> -------------------
>
> Key: OFBIZ-12653
> URL: https://issues.apache.org/jira/browse/OFBIZ-12653
> Project: OFBiz
> Issue Type: Bug
> Components: content
> Affects Versions: Upcoming Branch
> Reporter: Ingo Wolfmayr
> Assignee: Jacques Le Roux
> Priority: Major
> Fix For: 22.01.01
>
> Attachments: CustomSafePolicy.patch, OFBIZ-12653.patch,
> UtilCodec.patch
>
>
> I copied a text with multiple lines from a text editor into the Trumbowyg
> Html field.The editor creates the Html structure using unclosed <br> elements.
> Unfortunately the sanitizer logic just takes <br />. A security warning is
> thrown and the content will not be stored.
> Issue also a request on Trumbowyg request list:
> [https://github.com/Alex-D/Trumbowyg/issues/1283]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
