Log Message: |
"Applied fix from trunk for revision: 1859871"
------------------------------------------------------------------------
r1859871 | jleroux | 2019-05-24 15:24:31 +0200 (ven. 24 mai 2019) | 14 lignes
Fixed: OWASP sanitizer breaks proper rendering of HTML code
(OFBIZ-10187)
After a discussion with Dennis, I checked and the pattern ONSITE_URL would be
useless without
.allowAttributes("background").matching(ONSITE_URL)
.onElements("table")
.allowAttributes("background").matching(ONSITE_URL)
.onElements("td", "th", "tr")
So here they are
Thanks: Dennis Balkir for discussion
------------------------------------------------------------------------
|