View Directory | Revision Log | View Changeset
/hippo/hippo-components/htmlcleaner/trunk/src
File Last Change
 ../
main/ 34416 (10 years ago) by jbloemendal: CMS7-6095: root javascript element xss get transformed into head script xss XSS which is part of a head element with no following body element is not getting removed. The neko parser transforms the html structure, if no body element is present the HtmlRepairer is throwing an exception. The html-element cleanup method is split up into html- and head-element, in case the body-element is reached the head-element method is skipping further processing.
test/ 34417 (10 years ago) by jbloemendal: CMS7-6095: root javascript element xss get transformed into head script xss Add test to validate explicit allowed javascript as child of the body element is not getting cleaned.
0 files shown