This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "AntiSamy Version Differences"
From OWASP
(creating comparison matrix for antisamy java vs .net) |
m |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
{| width="828" cellspacing="3" cellpadding="3" border="1" align="left" style="" summary="Shows the capability and feature differences amongst AntiSamy versions." | {| width="828" cellspacing="3" cellpadding="3" border="1" align="left" style="" summary="Shows the capability and feature differences amongst AntiSamy versions." | ||
| − | |+ | + | |+ <br> |
|- | |- | ||
! scope="col" | Feature<br> | ! scope="col" | Feature<br> | ||
| Line 9: | Line 9: | ||
|- | |- | ||
| align="left" | '''Safely parses HTML'''<br>''Does this version of AntiSamy allow users to provide HTML input that will filter out any dangerous data, including any JavaScript?''<br> | | align="left" | '''Safely parses HTML'''<br>''Does this version of AntiSamy allow users to provide HTML input that will filter out any dangerous data, including any JavaScript?''<br> | ||
| − | | Yes<br> | + | | align="center" | Yes<br> |
| − | | Yes<br> | + | | align="center" | Yes<br> |
|- | |- | ||
| − | | align="left" | '''Can parse and validate CSS instead of removing it'''<br>''Does this version of AntiSamy allow users to provide cascading style sheets as well as HTML without accepting any dangerous data that could allow phishing or other visual attacks?''<br> | + | | align="left" | '''Can parse and validate CSS instead of removing it'''<br>''Does this version of AntiSamy allow users to provide cascading style sheets as well as HTML without accepting any dangerous data that could allow phishing or other visual attacks?''<br> |
| − | | Yes<br> | + | | align="center" | Yes<br> |
| − | | | + | | align="center" | Mostly<br> |
|- | |- | ||
| − | | align="left" | ''' | + | | align="left" | '''Allows advanced processing options'''<br>''Does this version of AntiSamy support "directives", which can be used to implement advanced functionality and usability?'' |
| − | + | | align="center" | Yes | |
| − | + | | align="center" | No | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | | align=" | ||
| − | | Yes | ||
| − | |||
| − | |||
| − | | align=" | ||
| − | |||
| − | | No | ||
|} | |} | ||
<br> | <br> | ||
Latest revision as of 02:51, 20 October 2009
This page shows the different AntiSamy features and whether or not its available in a given port.
| Feature |
AntiSamy (Java) |
AntiSamy (.NET) |
|---|---|---|
| Safely parses HTML Does this version of AntiSamy allow users to provide HTML input that will filter out any dangerous data, including any JavaScript? |
Yes |
Yes |
| Can parse and validate CSS instead of removing it Does this version of AntiSamy allow users to provide cascading style sheets as well as HTML without accepting any dangerous data that could allow phishing or other visual attacks? |
Yes |
Mostly |
| Allows advanced processing options Does this version of AntiSamy support "directives", which can be used to implement advanced functionality and usability? |
Yes | No |
