Tags: java, regex, html-sanitizing, antisamy

AntiSamy (Java) URL regex does not accept the pound (hash) sign


In the AntiSamy XML config, this is what I have set:

<regexp
    name="offsiteURL"
    value="(\s)*(http(s?)://|mailto:)[\p{L}\p{N}]+[~\p{L}\p{N}\p{Zs}\-_\.@\#\$%&amp;;:,\?=/\+!\(\)]*(\s)*"/>

That seems to work, except for links that contain a pound/hash sign.

For example: http://examplewebsite.com/example#section

With the regex above, AntiSamy rejects that input and sanitizes it. Can anyone help me modify the regex so that it also allows the pound sign?


Solution

  • After further research, the policy file was causing the problem, not the regex listed above. If you run into the same issue, check that the policy is not too restrictive for each HTML element and that the URL is properly encoded and escaped.
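
A quick way to rule the regex out is to test it on its own, outside AntiSamy. The sketch below is only an illustration: the class and method names (OffsiteUrlCheck, isAllowed) are made up for this example, and it assumes the whole attribute value has to match the pattern, so it uses matches(). The pattern is the offsiteURL value from the question, with the XML entity &amp; decoded to & and the backslashes doubled for a Java string literal.

```java
import java.util.regex.Pattern;

public class OffsiteUrlCheck {
    // offsiteURL from the config: &amp; decoded to &, backslashes doubled for Java.
    static final Pattern OFFSITE_URL = Pattern.compile(
        "(\\s)*(http(s?)://|mailto:)[\\p{L}\\p{N}]+"
        + "[~\\p{L}\\p{N}\\p{Zs}\\-_\\.@\\#\\$%&;:,\\?=/\\+!\\(\\)]*(\\s)*");

    // Assumption: the entire value must match, hence matches() rather than find().
    static boolean isAllowed(String url) {
        return OFFSITE_URL.matcher(url).matches();
    }

    public static void main(String[] args) {
        // The character class already contains \#, so this prints "true".
        System.out.println(isAllowed("http://examplewebsite.com/example#section"));
    }
}
```

Since the pattern by itself accepts the URL with the fragment, a rejection by AntiSamy is more likely to come from the tag and attribute rules in the policy file or from how the URL was encoded before it reached the scanner.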