[Building Sakai] More AntiSamy issues
Kusnetz, Jeremy
JKusnetz at APUS.EDU
Wed Jul 31 08:39:38 PDT 2013
Things we are finding that are causing us problems:
Pixels are not allowed in these tags.
Some results:
1. <p style="margin-bottom:0.0in;">hello</p>
Result: Passes
2. <p style="margin-bottom:0in;margin-bottom:.0001pt;">
Hello</p>
Result: Alert: The p tag had a style attribute, "margin-bottom", that could not be allowed for security reasons.
The pixel part of the code is automatically removed, leaving:
<p style="margin-bottom: 0.0in;">
Hello</p>
3. <p style="margin-bottom:.0001pt;">
Hello</p>
Result: Alert: The p tag had a style attribute, "margin-bottom", that could not be allowed for security reasons.
Strips code down to:
<p style="">
Hello</p>
Jeremy Kusnetz | Sr. Systems Engineer
American Public University System
American Military University | American Public University
661 S George Street, Charles Town, WV 25414
T 304-885-5333 | M 703-967-5212 | jkusnetz at apus.edu<mailto:jkusnetz at apus.edu>| www.apus.edu<http://www.apus.edu>
This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20130731/5dc87bca/attachment.html
More information about the sakai-dev
mailing list