You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
We are using the this library in Zimbra to sanitize customer-generated HTML content in emails. During this process, we encountered an issue where a
tag inside a tag causes improper sanitization. Specifically:
The sanitizer closes the
tag before the
tag and reopens it after the
.
The
tag does not close where it originally should; instead, it closes just before the end of the HTML document.
It seems that the sanitizer uses a stack to manage tags and the
tag remains in the stack until all other tags are processed, causing it to close at the end of the document.
At the end of the document the missing div tag is getting closed there's two div tag in the HTML document both get's closed at end like this
` </div></div></td></tr></tbody></table>
`
In div tag we have a an attribute style="display:none" so if the div tag does not closes properly can cause contents of the body to not get displayed.
It will be great if someone can guide me on how to handle this situation or it can be considered as an enhancement or bugfix.
The text was updated successfully, but these errors were encountered:
Hi,
We are using the this library in Zimbra to sanitize customer-generated HTML content in emails. During this process, we encountered an issue where a
It seems that the sanitizer uses a stack to manage tags and the
Before Sanitization
<table align="center" border="0" cellpadding="0" cellspacing="0" class="full-width-mobile" role="presentation" style="width:500px;background:#fff;" width="500"> <div class="mobilecontent mobilecontent-gmail" style="mso-hide:all;display:none;max-height:0px;overflow:hidden;padding:0;height:0;"> <!--[if !mso]><!--> <tr style="padding-top:0; padding-bottom:0;"> <td class="show-mobile-table-cell gmail-td-hide" style="padding-top:0;padding-bottom:0;display:none;mso-hide:all;"><table class="show-mobile-table gmail-table-hide" align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;display:none;mso-hide:all;"> <tr> <td class="show-mobile-table-cell pad-horiz-mobile gmail-td" colspan="2" style="display:none;mso-hide:all;background:#eee;color:#444;padding-top:20px;padding-bottom:20px;font-family:Roboto, Arial, sans-serif; font-size:20px; -mso-line-height-rule:exactly;line-height:24px;font-weight:500;width:100%">Ważna uwaga dotycząca usługi: wsparcie dla sprzętu wygasło </td> </tr> <tr> <td class="show-mobile-table-cell" valign="bottom" style="vertical-align:bottom;border-bottom: 1px solid #01447C;padding-bottom:10px;padding-top:45px;padding-left:15px;display:none;mso-hide:all;"> <a href="https://urllink/path/sfasdfas" target="_blank"><img src="https://images.com/LOGO_A.jpg" alt="new logo" width="171" style="width:171px; display: block;" border="0"></a> </td> <td class="show-mobile-table-cell" valign="bottom" align="right" style="border-bottom: 1px solid #01447C;vertical-align:bottom;color:#01447C;font-family:Roboto, Arial, sans-serif; font-size:12px; -mso-line-height-rule:exactly;line-height:24px;font-weight:500;text-align:right;padding-top:0;padding-bottom:13px;padding-right:15px;display:none;mso-hide:all;"><span class="link">Numer konta: 1702669724 </span></td> </tr> </table></td> </tr> <!--<![endif]--> </div> </table>After sanitization
`
`
In div tag we have a an attribute style="display:none" so if the div tag does not closes properly can cause contents of the body to not get displayed.
It will be great if someone can guide me on how to handle this situation or it can be considered as an enhancement or bugfix.
The text was updated successfully, but these errors were encountered: