Skip to content

encodeForHMTL() with immune_html #2

Closed
ricmetal opened this Issue Jul 26, 2011 · 3 comments

2 participants

@ricmetal

hi
i'm trying to allow the HTML br tag to be treated as a line break when using the encoder for printing text. if this is not a possibility with the jQuery plugin, i would like to ask for a request. i'm still looking into the encoder plugin. thanks

@chrisisbeef
Owner
@ricmetal

hi
thanks very much for your reply.

i understand that encoding as an only security measure should not be done but i still need to allow certain html tags to be accepted and treated as html.

would it possible to have the plugin allow certain html tags, like the esapi4js seems to allow?

"There are plans to write a js sanitized library as well" -> thats good to hear.

thanks

@chrisisbeef
Owner

@ricmetal - This should be handled in a sanitization library (such as Google Caja - https://developers.google.com/caja/?hl=en). I am going to close this issue. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.