Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-20249

Take into account xml.htmlElementSanitizer properties for client side sanitation

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Major
    • None
    • 13.10.9, 14.4.5, 14.9-rc-1
    • Live Data
    • None
    • Unknown

    Description

      Currently, client side html sanitation based on DOMPurify does not take into account xml.htmlElementSanitizer properties. This could lead to content being escaped differently client side and server side.
      Note: as of now, only the Live Data macro, under some condition, perform html sanitation.

      Attachments

        Activity

          People

            Unassigned Unassigned
            mleduc Manuel Leduc
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: