AttributePolicy (OWASP Java HTML Sanitizer 20200713.1 API)

All Known Subinterfaces:

AttributePolicy.JoinableAttributePolicy

All Known Implementing Classes:

FilterUrlByProtocolAttributePolicy
```
public interface AttributePolicy
```
A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.

Author:

Mike Samuel ([email protected])

See Also:

HtmlPolicyBuilder.AttributeBuilder.matching(AttributePolicy)

Nested Class Summary

Nested Classes
Modifier and Type	Interface	Description
`static interface`	`AttributePolicy.JoinableAttributePolicy`	An attribute policy that is joinable.
`static class`	`AttributePolicy.Util`	Utilities for working with attribute policies.

Field Summary

Fields
Modifier and Type	Field	Description
`static AttributePolicy`	`IDENTITY_ATTRIBUTE_POLICY`	An attribute policy that returns the value unchanged.
`static AttributePolicy`	`REJECT_ALL_ATTRIBUTE_POLICY`	An attribute policy that rejects all values.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type Method Description

String apply(String elementName, String attributeName, String value)

- Field Detail
  - IDENTITY_ATTRIBUTE_POLICY
```
static final AttributePolicy IDENTITY_ATTRIBUTE_POLICY
```
    An attribute policy that returns the value unchanged.
  - REJECT_ALL_ATTRIBUTE_POLICY
```
static final AttributePolicy REJECT_ALL_ATTRIBUTE_POLICY
```
    An attribute policy that rejects all values.
- Method Detail
  - apply
```
@Nullable
String apply(String elementName,
             String attributeName,
             String value)
```
    Parameters:
    
    elementName - the lower-case element name.
    
    attributeName - the lower-case attribute name.
    
    value - the attribute value without quotes and with HTML entities decoded.
    
    Returns:
    
    null to disallow the attribute or the adjusted value if allowed.