Giter Club home page Giter Club logo

Comments (3)

Andreas-Sommer-TUM avatar Andreas-Sommer-TUM commented on July 17, 2024 1

Thank you for the information. Using <![CDATA[ ... ]]> within <content:encoded> ... </content:encoded> fixed it.

from html-sanitizer.

ohader avatar ohader commented on July 17, 2024

Can you please share a link that shows how the scenario you describe is currently used and embedded?

Part of the RSS standards (0.9-2.0) are encapsulation as character data - to avoid being processed by XML parsers:

<content:encoded>
  <![CDATA[First line<br>
  Second line<br>
  Third line]]>
</content:encoded>

Since typo3/html-sanitizer relies on package mastermind/html5, I currently don't see many chances to support XML or XHTML in this package.

from html-sanitizer.

ohader avatar ohader commented on July 17, 2024

I've just spotted, that on https://typo3.org/?type=100 it's exactly integrated like this, using HTML5 markup.

<item>
    <guid isPermaLink="false">news-2210</guid>
    <pubDate>Tue, 10 Aug 2021 10:30:00 +0200</pubDate>
    <title>TYPO3 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 security releases published</title>
    <link>https://typo3.org/article/typo3-1132-10419-9529-8742-7653-security-releases-published</link>
    <description>The versions 11.3.2, 10.4.19, 9.5.29, 8.7.42, 7.6.53 of the
        TYPO3 Enterprise Content Management System have just been released.
    </description>
    <content:encoded>
        <![CDATA[
            <p class="alert alert-info"><strong>Know side-effects in recent releases</strong><br> <br>
            <em>updated Wed, Aug 11th 2021, 08:30 UTC</em><br> Integrating a new HTML sanitizer to
            avoid cross-site scripting in user-submitted content caused some negative side effects.
            <!-- ... removed rest of the content ... -->
        ]]>
    </content:encoded>
    <category>Development</category>
    <category>Security</category>
</item>

from html-sanitizer.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.