public final class SafeHtmlMint
extends java.lang.Object
This class is safe when the policy factories passed to it are safe. Fences can be used to control access to fromPolicyFactory(org.owasp.html.PolicyFactory) as needed, and the plausible deniability standard can be extended to writing policies that white-list known-unsafe content.
Modifier and Type | Method | Description
---|---|---
static SafeHtmlMint | fromPolicyFactory(org.owasp.html.PolicyFactory f) | Sanitizes a chunk of HTML producing a SafeHtml instance instead of appending chars to an output buffer.
com.google.common.html.types.SafeHtml | sanitize(java.lang.String html) | A convenience function that sanitizes a string of HTML.
<CTX> com.google.common.html.types.SafeHtml | sanitize(java.lang.String html, org.owasp.html.HtmlChangeListener<CTX> listener, CTX context) | A convenience function that sanitizes a string of HTML and reports the names of rejected elements and attributes to listener.
public static SafeHtmlMint fromPolicyFactory(org.owasp.html.PolicyFactory f)
public com.google.common.html.types.SafeHtml sanitize(@Nullable java.lang.String html)
public <CTX> com.google.common.html.types.SafeHtml sanitize(@Nullable java.lang.String html, @Nullable org.owasp.html.HtmlChangeListener<CTX> listener, @Nullable CTX context)
Parameters:
html - the string of HTML to sanitize.
listener - if non-null, receives notifications of tags and attributes that were rejected by the policy. This may tie into intrusion detection systems.
context - if (listener != null) then the context value passed with notifications. This can be used to let the listener know from which connection or request the questionable HTML was received.

Copyright © 2019 OWASP. All rights reserved.