diff --git a/Makefile b/Makefile
index 0fb9df47..2124b2c8 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ SHELL := /bin/bash
.SHELLFLAGS := -eu -o pipefail -c
VERSION := 8
-WOVN_VERSION := 1.14.3
+WOVN_VERSION := 1.14.4
TARGET_DIR = ${PWD}
MAVEN = docker run -i --rm -v ${TARGET_DIR}:/project -v wovnjava-maven_repo:/root/.m2 -w /project maven:3-jdk-$(VERSION) mvn
WEBSITE_CONFIG_FILE = pom.xml
diff --git a/docker/java8/hello/pom.xml b/docker/java8/hello/pom.xml
index 20908586..c5c76973 100644
--- a/docker/java8/hello/pom.xml
+++ b/docker/java8/hello/pom.xml
@@ -23,9 +23,9 @@
com.github.wovnio
wovnjava
- 1.14.3
+ 1.14.4
system
- ${basedir}/src/main/webapp/WEB-INF/lib/wovnjava-1.14.3-jar-with-dependencies.jar
+ ${basedir}/src/main/webapp/WEB-INF/lib/wovnjava-1.14.4-jar-with-dependencies.jar
org.json
diff --git a/pom.xml b/pom.xml
index ea89e60a..f88b7f0f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
com.github.wovnio
wovnjava
wovnjava
- 1.14.3
+ 1.14.4
https://github.com/WOVNio/wovnjava
diff --git a/src/main/java/com/github/wovnio/wovnjava/HtmlConverter.java b/src/main/java/com/github/wovnio/wovnjava/HtmlConverter.java
index 30db988e..d525def7 100644
--- a/src/main/java/com/github/wovnio/wovnjava/HtmlConverter.java
+++ b/src/main/java/com/github/wovnio/wovnjava/HtmlConverter.java
@@ -10,7 +10,6 @@
import org.jsoup.nodes.Element;
import org.jsoup.select.Elements;
import org.jsoup.parser.Tag;
-import org.jsoup.safety.Safelist;
class HtmlConverter {
private final Document doc;
@@ -133,7 +132,11 @@ private void removeForm() {
String type = element.attr("type");
if (type != null && type.toLowerCase().equals("hidden")) {
if (element.hasAttr("value")) {
- String original = Jsoup.clean(element.attr("value"), Safelist.none());
+ String original = element.attr("value")
+ .replaceAll("\"", """)
+ .replaceAll("\'", "'")
+ .replaceAll(">", ">")
+ .replaceAll("<", "<");
String key = htmlReplaceMarker.generateKey();
element.attr("value", key);
htmlReplaceMarker.addValue(key, original);
diff --git a/src/test/java/com/github/wovnio/wovnjava/HtmlConverterTest.java b/src/test/java/com/github/wovnio/wovnjava/HtmlConverterTest.java
index d024baff..feceb12c 100644
--- a/src/test/java/com/github/wovnio/wovnjava/HtmlConverterTest.java
+++ b/src/test/java/com/github/wovnio/wovnjava/HtmlConverterTest.java
@@ -97,9 +97,29 @@ public void testRemoveForm() throws ConfigurationError {
assertEquals(original.replace("INPUT", "input").replace("VALUE", "value"), stripExtraSpaces(converter.restore(html)));
}
- public void testRemoveForm__Sanitize() throws ConfigurationError {
+ public void testRemoveForm__Sanitize__DoubleQuotes() throws ConfigurationError {
String original = "";
- String sanitized = "";
+ String sanitized = "";
+ Settings settings = TestUtil.makeSettings(new HashMap() {{ put("supportedLangs", "en,fr,ja"); }});
+ HtmlConverter converter = this.createHtmlConverter(settings, location, original);
+ String html = converter.strip();
+
+ assertEquals(sanitized, stripExtraSpaces(converter.restore(html)));
+ }
+
+ public void testRemoveForm__Sanitize__SingleQuotes() throws ConfigurationError {
+ String original = "";
+ String sanitized = "";
+ Settings settings = TestUtil.makeSettings(new HashMap() {{ put("supportedLangs", "en,fr,ja"); }});
+ HtmlConverter converter = this.createHtmlConverter(settings, location, original);
+ String html = converter.strip();
+
+ assertEquals(sanitized, stripExtraSpaces(converter.restore(html)));
+ }
+
+ public void testStrip__Sanitize() throws ConfigurationError {
+ String original = "";
+ String sanitized = "\">";
Settings settings = TestUtil.makeSettings(new HashMap() {{ put("supportedLangs", "en,fr,ja"); }});
HtmlConverter converter = this.createHtmlConverter(settings, location, original);
String html = converter.strip();