6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"antisamy does not encode @\",\"text\":\"

I am using antisamy 1.5 to prevent XSS.

\\n\\n

I saw issue when input was

\\n\\n

firstname,lastname<name@mail.com> or firstname,lastname<name@mail.com testing>\\n

\\n\\n

Result after Antisamy scan is same for both above case

\\n\\n

firstname,lastname<name>\\n

\\n\\n

I have below directive in policy file

\\n\\n

<directive name=\\\"onUnknownTag\\\" value=\\\"encode\\\"/>\\n

\\n\\n

Is there a place in policy file I can update to encode @ ?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Ankit\"},\"upvoteCount\":1,\"answerCount\":0,\"acceptedAnswer\":null}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","xss",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/xss/1","children":"xss"}]}],["$","span","antisamy",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/antisamy/1","children":"antisamy"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/7715fc24d6d16472072c784b8183949a?s=256&d=identicon&r=PG","alt":"Ankit","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/957167/ankit","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Ankit"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",338]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"antisamy does not encode @"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I am using antisamy 1.5 to prevent XSS.

\n\n

I saw issue when input was

\n\n

firstname,lastname<name@mail.com> or firstname,lastname<name@mail.com testing>\n

\n\n

Result after Antisamy scan is same for both above case

\n\n

firstname,lastname<name>\n

\n\n

I have below directive in policy file

\n\n

<directive name=\"onUnknownTag\" value=\"encode\"/>\n

\n\n

Is there a place in policy file I can update to encode @ ?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",168]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",0,")"]}],[]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","67839146",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/67839146","className":"text-blue-600 hover:underline","children":"Data URI is double-encoded by AntiXssEncoder"}]}],["$","li","12554194",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/12554194","className":"text-blue-600 hover:underline","children":"How to properly sanitize content with AntiXss Library?"}]}],["$","li","43135291",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/43135291","className":"text-blue-600 hover:underline","children":"AntiSamy to prevent XSS in java?"}]}],["$","li","38027525",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/38027525","className":"text-blue-600 hover:underline","children":"AntiXss.HtmlEncode warning :This method has been deprecated. Please use Encoder.HtmlEncode() instead"}]}],["$","li","32385774",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/32385774","className":"text-blue-600 hover:underline","children":"Confirm that antixss is actually being used when set as the default encoder in asp.net"}]}],["$","li","869089",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/869089","className":"text-blue-600 hover:underline","children":"Is there a good reason why AntiXss.JavaScriptEncode wraps result in single quotes?"}]}],["$","li","24856050",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24856050","className":"text-blue-600 hover:underline","children":"AntiXSS JavaScriptEncode gets HTML encoded?"}]}],["$","li","24800295",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24800295","className":"text-blue-600 hover:underline","children":"How to configure antisamy in cq 5.5?"}]}],["$","li","15439726",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/15439726","className":"text-blue-600 hover:underline","children":"JavaScriptEncode doesn't look right"}]}],["$","li","4827331",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4827331","className":"text-blue-600 hover:underline","children":"Problem with encoding using AntiXss library"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

antisamy does not encode @

Answers (0)

Related Questions