diff --git a/pom.xml b/pom.xml
index c7fddfe9..164cc03d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
org.owasp.antisamy
antisamy
jar
- 1.6.6-dev
+ 1.6.6
ossrh
@@ -42,7 +42,7 @@
UTF-8
- 2022-01-31T23:13:00Z
+ 2022-04-21T21:46:00Z
true
2.11.0
1.7.36
@@ -69,6 +69,13 @@
org.apache.httpcomponents.client5
httpclient5
5.1.3
+
+
+
+ org.slf4j
+ slf4j-api
+
+
org.apache.httpcomponents.core5
diff --git a/src/main/java/org/owasp/validator/css/CssScanner.java b/src/main/java/org/owasp/validator/css/CssScanner.java
index 279597ba..e357a70d 100644
--- a/src/main/java/org/owasp/validator/css/CssScanner.java
+++ b/src/main/java/org/owasp/validator/css/CssScanner.java
@@ -333,7 +333,7 @@ public String handleResponse(
try {
String responseBody = httpClient.execute(new HttpGet(stylesheetUri), responseHandler);
// pull down stylesheet, observing size limit
- stylesheet = responseBody.getBytes();
+ stylesheet = responseBody.getBytes(Charset.forName("UTF8"));
if (stylesheet != null && stylesheet.length > sizeLimit) {
errorMessages.add(ErrorMessageUtil.getMessage(
messages,
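Review bot: The `sizeLimit` check just below the changed line runs only after `httpClient.execute(...)` has returned the whole stylesheet as a String, so it rejects an oversized remote stylesheet but does not bound how much of it is read into memory. The response handler is defined above this hunk, so confirm whether it caps the read; if it does not, enforce the limit there while the entity is being consumed. On the changed line, `Charset.forName("UTF8")` does a name lookup through an alias on every call; `stylesheet = responseBody.getBytes(StandardCharsets.UTF_8);` is the constant form (it needs `java.nio.charset.StandardCharsets`, and the import block is not visible here). `getBytes` never returns null, so the `stylesheet != null` test is redundant. The enclosing try block starts and ends outside the hunk.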
diff --git a/src/main/java/org/owasp/validator/html/CleanResults.java b/src/main/java/org/owasp/validator/html/CleanResults.java
index ffa0a381..ac38c3b1 100644
--- a/src/main/java/org/owasp/validator/html/CleanResults.java
+++ b/src/main/java/org/owasp/validator/html/CleanResults.java
@@ -98,7 +98,8 @@ public CleanResults(long startOfScan, Callable cleanHTML,
/**
* Return the DOM version of the clean HTML.
- * return The XML Document fragment version of the clean HTML produced during the sanitization process.
+ *
+ * @return The XML Document fragment version of the clean HTML produced during the sanitization process.
* This may be null, even if the clean HTML String is not null.
*/
public DocumentFragment getCleanXMLDocumentFragment() {
diff --git a/src/main/java/org/owasp/validator/html/InternalPolicy.java b/src/main/java/org/owasp/validator/html/InternalPolicy.java
index 863367eb..61ac87dd 100644
--- a/src/main/java/org/owasp/validator/html/InternalPolicy.java
+++ b/src/main/java/org/owasp/validator/html/InternalPolicy.java
@@ -132,7 +132,11 @@ public boolean isOmitXmlDeclaration() {
return omitXmlDeclaration;
}
- /** @deprecated XHTML usage will go away in AntiSamy 1.7+ */
+ /**
+ * @deprecated XHTML usage will go away in AntiSamy 1.7+
+ *
+ * @return true if useXhtml is set for this policy. False otherwise.
+ */
@Deprecated
public boolean isUseXhtml() {
return useXhtml;
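Review bot: The new doc comment on `isUseXhtml()` opens with a block tag, so the method has no summary sentence in the generated Javadoc, and `@deprecated` is listed ahead of `@return`, where the conventional order puts `@return` first. I would add a first line such as `* Reports whether useXhtml is set for this policy.` and move `@deprecated` to the end. The deprecation text also gives callers no pointer to what they should do instead before 1.7; if there is a recommended migration, name it here. The method's closing brace is outside the hunk.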
diff --git a/src/main/java/org/owasp/validator/html/scan/AntiSamyDOMScanner.java b/src/main/java/org/owasp/validator/html/scan/AntiSamyDOMScanner.java
index a2ed7397..dc991c46 100644
--- a/src/main/java/org/owasp/validator/html/scan/AntiSamyDOMScanner.java
+++ b/src/main/java/org/owasp/validator/html/scan/AntiSamyDOMScanner.java
@@ -408,17 +408,17 @@ private boolean processStyleTag(Element ele, Node parentNode) {
try {
if (ele.getChildNodes().getLength() > 0) {
- String toScan = "";
+ StringBuffer toScan = new StringBuffer();
for (int i = 0; i < ele.getChildNodes().getLength(); i++) {
Node childNode = ele.getChildNodes().item(i);
- if (!toScan.isEmpty()){
- toScan += "\n";
+ if (toScan.length() > 0) {
+ toScan.append("\n");
}
- toScan += childNode.getTextContent();
+ toScan.append(childNode.getTextContent());
}
- CleanResults cr = styleScanner.scanStyleSheet(toScan, policy.getMaxInputSize());
+ CleanResults cr = styleScanner.scanStyleSheet(toScan.toString(), policy.getMaxInputSize());
errorMessages.addAll(cr.getErrorMessages());
/*