HtmlSanitizer is a .NET library is used by Forge component for cleaning HTML.
In order to facilitate different use cases, HtmlSanitizer can be customized at several levels:
So what configuration is used by Forge component? Is it empty one (default settings are used) or some customization is done (if so what are details)?
Hi Valerij,
You are not explicitly mentioned which Forge component you talk about, the only HTML Sanitizer component in the Forge I could find is https://www.outsystems.com/forge/component-overview/8079/reactive-html-sanitizer which I build, and it doesn't use a .NET library.
The build in extension Sanitization, has SanitizeHTML action, that sanitizes the provided HTML using the OWASP Java HTML Sanitizer Project. The implemented policy follows the example in https://github.com/OWASP/java-html-sanitizer/blob/master/src/main/java/org/owasp/html/examples/EbayPolicyExample.java.
Regards,
Daniel
Hi Daniel, Thank you for your answer. Sorry for missing reference to Forge component. Actually our project code uses another one https://www.outsystems.com/forge/component-overview/15957/sanitization.Best regards,Valery
When you post a question you can also select the platform ODC or O11, that would make the process for people to help more efficiently. I updated your original post to reflect that your question is regarding ODC.
I forwarded your question internally to OutSystems, as I don't think the community will be able to answer it.