if (logger.isDebugEnabled()) {
            logger.debug("MarkdownRenderer initialized with commonmark and OWASP sanitizer");
        }
    }

    /**
     * Renders markdown text to sanitized HTML.
     *
     * @param markdown the markdown text to render
     * @return sanitized HTML string
     */
    public String render(final String markdown) {
        if (markdown == null || markdown.isEmpty()) {

        return redirect(getClass()); // no-op
    }

    /**
     * Sanitizes a filename by removing path traversal sequences and whitespace.
     *
     * @param filename the filename to sanitize
     * @return the sanitized filename
     */
    public static String sanitizeFilename(final String filename) {

rn e.includes(s)?!fe.has(s)||Boolean(me.test(t.nodeValue)):e.filter((t=>t instanceof RegExp)).some((t=>t.test(s)))},be={allowList:ge,content:{},extraClass:"",html:!1,sanitize:!0,sanitizeFn:null,template:"<div></div>"},ve={allowList:"object",content:"object",extraClass:"(string|function)",html:"boolean",sanitize:"boolean",sanitizeFn:"(null|function)",template:"string"},ye={entry:"(string|element|function|null)",selector:"(string|element)"};class we extends q{constructor(t){super(),this._config=th...

            if (lowerPath.startsWith(whitelisted) || lowerPath.equals(whitelisted)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Sanitize path for safe logging
     */
    private String sanitizeForLog(String path) {
        if (path == null) {
            return "null";
        }

        // Truncate long paths

[![MinIO](https://raw.githubusercontent.com/minio/minio/master/.github/logo.svg?sanitize=true)](https://min.io)

MinIO is a high-performance, S3-compatible object storage solution released under the GNU AGPL v3.0 license.

        }
        // Remove control characters and limit length
        String sanitized = input.replaceAll("[\\x00-\\x1f]", "");
        if (sanitized.length() > 1000) {
            sanitized = sanitized.substring(0, 997) + "...";
        }
        return sanitized;
    }

    /**
     * Validates that a value is within the specified range
     *
     * @param value the value to check
     * @param min minimum value (inclusive)

if(i[o].test(n))return!0;return!1})(t,r)||i.removeAttribute(t.nodeName)}))},l=0,r=a.length;l<r;l++)s(l);return i.body.innerHTML}var It="tooltip",kt="bs.tooltip",Ot=o.default.fn.tooltip,jt=new RegExp("(^|\\s)bs-tooltip\\S+","g"),Pt=["sanitize","whiteList","sanitizeFn"],Lt="fade",Rt="show",xt="show",qt="out",Ft="hover",Qt="focus",Bt={AUTO:"auto",TOP:"top",RIGHT:"right",BOTTOM:"bottom",LEFT:"left"},Ht={animation:!0,template:'<div class="tooltip" role="tooltip"><div class="arrow"></div><div class="t...

    public void resetStats() {
        totalValidations.set(0);
        failedValidations.set(0);
        bufferOverflowsPrevented.set(0);
        integerOverflowsPrevented.set(0);
    }

    /**
     * Sanitize string for safe logging
     */
    private String sanitizeForLog(String str) {
        if (str == null) {
            return "null";
        }

        // Truncate long strings

        // Test that custom sessionId is sanitized
        Crawler.Options options = new Crawler.Options();
        options.sessionId = "test-session-123";

        // Simulate what process() does - sanitize sessionId
        if (options.sessionId != null) {
            options.sessionId = options.sessionId.replaceAll("-", "_");
        }

        // Check that sessionId was sanitized (hyphens replaced with underscores)

e.js'\nimport Config from './config.js'\nimport { DefaultAllowlist, sanitizeHtml } from './sanitizer.js'\nimport { execute, getElement, isElement } from './index.js'\n\n/**\n * Constants\n */\n\nconst NAME = 'TemplateFactory'\n\nconst Default = {\n  allowList: DefaultAllowlist,\n  content: {}, // { selector : text ,  selector2 : text2 , }\n  extraClass: '',\n  html: false,\n  sanitize: true,\n  sanitizeFn: null,\n  template: '<div></div>'\n}\n\nconst DefaultType = {\n  allowList: 'object',\n  content:...