java.lang.Object
  org.owasp.html.Sanitizers
public final class Sanitizers
Pre-packaged HTML sanitizer policies.
These policies can be used to sanitize content.
```java
Sanitizers.FORMATTING.sanitize("<b>Hello, World!</b>")
```

and can be chained:

```java
PolicyFactory sanitizer = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS);
System.out.println(sanitizer.sanitize("<p>Hello, <b>World!</b>"));
```

For more fine-grained control over sanitization, use `HtmlPolicyBuilder`.
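The following is an added example, not part of the original Javadoc or the project's own code. It runs a chained pre-packaged policy and a narrower `HtmlPolicyBuilder` policy over the same untrusted markup so the difference in what each lets through is visible. The class name `SanitizersDemo` and all input strings are constructed for illustration, and the OWASP Java HTML Sanitizer library is assumed to be on the classpath.

```java
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

public class SanitizersDemo {  // hypothetical class name

  // Chained pre-packaged policies: formatting, block elements and links.
  // IMAGES and STYLES are deliberately left out, so <img> elements and
  // style="..." attributes are not granted by this policy.
  static final PolicyFactory COMMENT_POLICY =
      Sanitizers.FORMATTING.and(Sanitizers.BLOCKS).and(Sanitizers.LINKS);

  // Finer-grained policy built with HtmlPolicyBuilder: <b>, <i>, and
  // <a href> restricted to https URLs, with rel="nofollow" required.
  static final PolicyFactory STRICT_POLICY = new HtmlPolicyBuilder()
      .allowElements("a", "b", "i")
      .allowAttributes("href").onElements("a")
      .allowUrlProtocols("https")
      .requireRelNofollowOnLinks()
      .toFactory();

  // Constructed untrusted inputs covering elements, attributes and URL
  // schemes that the policies above do and do not grant.
  static final String[] UNTRUSTED = {
      "<p onclick=\"x()\">Hi <b>there</b></p><script>x()</script>",
      "<a href=\"javascript:x()\">scripted link</a>",
      "<a href=\"http://example.com/\">plain http link</a>",
      "<a href=\"https://example.com/\">https link</a>",
      "<p style=\"color:red\"><img src=\"https://example.com/a.png\"></p>",
  };

  public static void main(String[] args) {
    for (String html : UNTRUSTED) {
      System.out.println("input:   " + html);
      System.out.println("comment: " + COMMENT_POLICY.sanitize(html));
      System.out.println("strict:  " + STRICT_POLICY.sanitize(html));
      System.out.println();
    }
  }
}
```

Sanitize at the point where the markup is written into a page, and treat the returned string as the only version safe to embed; the original input should not be stored or echoed in its place.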
| Field Summary | |
|---|---|
| `static PolicyFactory` | `BLOCKS`: Allows common block elements including `<p>`, `<h1>`, etc. |
| `static PolicyFactory` | `FORMATTING`: Allows common formatting elements including `<b>`, `<i>`, etc. |
| `static PolicyFactory` | `IMAGES`: Allows `<img>` elements from HTTP, HTTPS, and relative sources. |
| `static PolicyFactory` | `LINKS`: Allows HTTP, HTTPS, MAILTO, and relative links. |
| `static PolicyFactory` | `STYLES`: Allows certain safe CSS properties in `style="..."` attributes. |
| Method Summary |
|---|
| Methods inherited from class java.lang.Object: clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
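public static final PolicyFactory FORMATTING
Allows common formatting elements including `<b>`, `<i>`, etc.

public static final PolicyFactory BLOCKS
Allows common block elements including `<p>`, `<h1>`, etc.

public static final PolicyFactory STYLES
Allows certain safe CSS properties in `style="..."` attributes.

public static final PolicyFactory LINKS
Allows HTTP, HTTPS, MAILTO, and relative links.

public static final PolicyFactory IMAGES
Allows `<img>` elements from HTTP, HTTPS, and relative sources.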