[sakai2-tcc] Question about AntiSamy decision

May, Megan Marie mmmay at indiana.edu
Wed Apr 24 05:15:25 PDT 2013 

File a blocker bug.   

Megan

Sent from my iPhone

On Apr 24, 2013, at 8:13 AM, "Neal Caidin" <nealcaidin at sakaifoundation.org> wrote:

> 
> Hi TCC,
> 
> For some reason I had it in my head that the default for AntiSamy in CLE 2.9.2 is on with Low setting.  But when I look at the recorded decision it indicates that AntiSamy will be disabled by default for 2.9.2 . Thirdly, when I look at the properties, it appears to me to be set to default on AntiSamy High. ugh :-p . Please help? 
> 
> See below for details.
> 
> Thanks,
> Neal
> 
> 
> Proposal
> --------------------------
> https://confluence.sakaiproject.org/display/TCC/2013+TCC+Voting+Summary
> 
> "PROPOSAL
> Inclusion of Anitsamy as a replacement of formattedtext in 2.9.2.  The change will be disabled OOTB and summaries of low and high AntiSamy policies will be provided in 'plain speak.'
> 
> Once there is positive production experience, Antisamy will be the default in subsequent releases (ie 2.9.3)."
> 
> AntiSamy properties in 2.9.x - https://source.sakaiproject.org/viewsvn/config/branches/sakai-2.9.x/configuration/bundles/src/bundle/org/sakaiproject/config/bundle/default.sakai.properties?view=markup
> -----------------------------
> # Force the use of the legacy html content processor (used in versions before and including 2.9),
> # if this is not overridden then the antisamy html cleaner will be used
> # Default: true in 2.9.x and below (do not use AntiSamy), false in 2.10.x and above (use AntiSamy)
> #content.cleaner.use.legacy.html=false
> 
> # Force the user of a lower security profile for content processing and scanning,
> # if this is not overridden then high security settings are used.
> # The standard high and low files are located in "kernel/sakai-kernel-impl/src/main/resources/antisamy/"
> # Override the standard files by placing your own files in:
> #       ${sakai.home}/antisamy/high-security-policy.xml
> #       ${sakai.home}/antisamy/low-security-policy.xml
> # NOTE: only works if AntiSamy is enabled (see content.cleaner.use.legacy.html)
> # Default: false (use high security - no unsafe embeds or objects)
> #content.cleaner.default.low.security=true
> 
> AntiSamy properties in Trunk - https://source.sakaiproject.org/viewsvn/config/trunk/configuration/bundles/src/bundle/org/sakaiproject/config/bundle/default.sakai.properties?view=markup
> --------------------------------
> # Force the use of the legacy html content processor (used in versions before and including 2.9),
> # if this is not overridden then the antisamy html cleaner will be used
> # Default: false (use AntiSamy)
> #content.cleaner.use.legacy.html=true
> 
> # Force the user of a lower security profile for content processing and scanning,
> # if this is not overridden then high security settings are used.
> # The standard high and low files are located in "kernel/sakai-kernel-impl/src/main/resources/antisamy/"
> # Override the standard files by placing your own files in:
> #       ${sakai.home}/antisamy/high-security-policy.xml
> #       ${sakai.home}/antisamy/low-security-policy.xml
> # NOTE: only works if AntiSamy is enabled (see content.cleaner.use.legacy.html)
> # Default: false (use high security - no unsafe embeds or objects)
> #content.cleaner.default.low.security=true
> 
> 
> _______________________________________________
> sakai2-tcc mailing list
> sakai2-tcc at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai2-tcc

More information about the sakai2-tcc mailing list