Would it make sense to add a tag/function to validate and or sanitize HTML input to lucee?

Hi,
would it make sense to add a tag/function to validate and/or sanitize HTML
input to lucee?

Maybe add all of the following libraries (if the licences allows it)
https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project
https://jsoup.org/
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

and let a param in the function decide which to use?

Regards
Thorsten

I love jSoup but considering using it is as easy as dropping the jar into
your lib folder and using the following, I’m not sure there’s a need to
build it into the language: objJsoup = createObject( “java”,
“org.jsoup.Jsoup” );​

Mike

Hi,

would it make sense to add a tag/function to validate and/or sanitize HTML
input to lucee?

Maybe add all of the following libraries (if the licences allows it)
https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project
https://jsoup.org/
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

and let a param in the function decide which to use?

Regards
Thorsten


Love Lucee? Become a supporter and be part of the Lucee project today! -
http://lucee.org/supporters/become-a-supporter.html

You received this message because you are subscribed to the Google Groups
“Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/e66cf8b2-8740-41e6-aa27-a7bb78c58038%40googlegroups.com
https://groups.google.com/d/msgid/lucee/e66cf8b2-8740-41e6-aa27-a7bb78c58038%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

​On Fri, Apr 22, 2016 at 5:35 AM, thorsteneilers via Lucee < lucee@googlegroups.com> wrote:

If you’re a ColdBox user, just run

box install cbantisamy

and you can call

#getIntsance( “antisamy@cbantisamy” ).clean( … )#

I think things like this which can start to bloat the engine with jars make
a great candidate for extensions or modules.

Thanks!

~BradOn Friday, April 22, 2016 at 7:16:05 AM UTC-5, Harry Klein wrote:

http://blog.getrailo.com/post.cfm/railo-parsing-dirty-html-into-valid-xml

Still supported in Lucee:

http://docs.lucee.org/reference/functions/htmlparse.html

-Harry

Von: lucee@googlegroups.com [mailto:lucee@googlegroups.com] *Im Auftrag
von *Michael Sprague
Gesendet: Freitag, 22. April 2016 13:50
An: lucee lucee@googlegroups.com
Betreff: Re: [Lucee] Would it make sense to add a tag/function to
validate and or sanitize HTML input to lucee?

I love jSoup but considering using it is as easy as dropping the jar into
your lib folder and using the following, I’m not sure there’s a need to
build it into the language: objJsoup = createObject( “java”,
“org.jsoup.Jsoup” );​

Mike

On Fri, Apr 22, 2016 at 5:35 AM, thorsteneilers via Lucee < lucee@googlegroups.com> wrote:

Hi,
would it make sense to add a tag/function to validate and/or sanitize HTML
input to lucee?

Maybe add all of the following libraries (if the licences allows it)
https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project
https://jsoup.org/
https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

and let a param in the function decide which to use?

Regards
Thorsten


Love Lucee? Become a supporter and be part of the Lucee project today! -
http://lucee.org/supporters/become-a-supporter.html

You received this message because you are subscribed to the Google Groups
“Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/e66cf8b2-8740-41e6-aa27-a7bb78c58038%40googlegroups.com
https://groups.google.com/d/msgid/lucee/e66cf8b2-8740-41e6-aa27-a7bb78c58038%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.


Love Lucee? Become a supporter and be part of the Lucee project today! -
http://lucee.org/supporters/become-a-supporter.html

You received this message because you are subscribed to the Google Groups
“Lucee” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to lucee+unsubscribe@googlegroups.com.
To post to this group, send email to lucee@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/lucee/CAB1Zp0K5vBGSF8LzuNEXbV0WdpJMKW5qG38%3Df7A8tURNt3%3DRUg%40mail.gmail.com
https://groups.google.com/d/msgid/lucee/CAB1Zp0K5vBGSF8LzuNEXbV0WdpJMKW5qG38%3Df7A8tURNt3%3DRUg%40mail.gmail.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.