Package org.owasp.html
Class Sanitizers
java.lang.Object
    org.owasp.html.Sanitizers

public final class Sanitizers extends Object
Pre-packaged HTML sanitizer policies.

These policies can be used to sanitize content.

    Sanitizers.FORMATTING.sanitize("<b>Hello, World!</b>")

and can be chained

    PolicyFactory sanitizer = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS);
    System.out.println(sanitizer.sanitize("<p>Hello, <b>World!</b>"));

For more fine-grained control over sanitization, use HtmlPolicyBuilder.

Author:
    Mike Samuel ([email protected])

Field Summary

Fields

| Modifier and Type | Field | Description |
| --- | --- | --- |
| static PolicyFactory | BLOCKS | Allows common block elements including <p>, <h1>, etc. |
| static PolicyFactory | FORMATTING | Allows common formatting elements including <b>, <i>, etc. |
| static PolicyFactory | IMAGES | Allows <img> elements from HTTP, HTTPS, and relative sources. |
| static PolicyFactory | LINKS | Allows HTTP, HTTPS, MAILTO, and relative links. |
| static PolicyFactory | STYLES | Allows certain safe CSS properties in style="..." attributes. |
| static PolicyFactory | TABLES | Allows common table elements. |

Field Detail

FORMATTING
public static final PolicyFactory FORMATTING
Allows common formatting elements including <b>, <i>, etc.

BLOCKS
public static final PolicyFactory BLOCKS
Allows common block elements including <p>, <h1>, etc.

STYLES
public static final PolicyFactory STYLES
Allows certain safe CSS properties in style="..." attributes.

LINKS
public static final PolicyFactory LINKS
Allows HTTP, HTTPS, MAILTO, and relative links.

TABLES
public static final PolicyFactory TABLES
Allows common table elements.

IMAGES
public static final PolicyFactory IMAGES
Allows <img> elements from HTTP, HTTPS, and relative sources.
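
The chaining described in the class description, applied to untrusted markup and followed by a regression check on the output. This is an added example, not code from the project's documentation; the class name SanitizersDemo, the UNTRUSTED sample string, and the helpers report and requireNoActiveContent are assumptions, and it expects the OWASP Java HTML Sanitizer on the classpath.

```java
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

public class SanitizersDemo {
  // Constructed sample of untrusted markup: allowed formatting mixed with a
  // script element, event-handler attributes, and a javascript: URL.
  static final String UNTRUSTED =
      "<p onclick=\"track()\">Hello, <b>World!</b></p>"
      + "<script>track()</script>"
      + "<a href=\"javascript:track()\">first link</a> "
      + "<a href=\"https://example.com/\">second link</a>"
      + "<img src=\"https://example.com/a.png\" onerror=\"track()\">";

  public static void main(String[] args) {
    // Each pre-packaged policy is an allow-list; and() unions two of them.
    PolicyFactory textAndLinks =
        Sanitizers.FORMATTING.and(Sanitizers.BLOCKS).and(Sanitizers.LINKS);
    PolicyFactory richContent =
        textAndLinks.and(Sanitizers.IMAGES).and(Sanitizers.TABLES);

    // Finer-grained policy built with HtmlPolicyBuilder: https links only.
    PolicyFactory httpsLinksOnly = new HtmlPolicyBuilder()
        .allowElements("a", "b", "i", "p")
        .allowUrlProtocols("https")
        .allowAttributes("href").onElements("a")
        .requireRelNofollowOnLinks()
        .toFactory();

    report("FORMATTING", Sanitizers.FORMATTING);
    report("FORMATTING+BLOCKS+LINKS", textAndLinks);
    report("...+IMAGES+TABLES", richContent);
    report("custom https-only", httpsLinksOnly);
  }

  // Sanitizes the sample, checks the result, and prints it for comparison.
  static void report(String label, PolicyFactory policy) {
    String safe = policy.sanitize(UNTRUSTED);
    requireNoActiveContent(safe);
    System.out.println(label + ": " + safe);
  }

  // Regression check: none of these markers may survive sanitization.
  static void requireNoActiveContent(String html) {
    String lower = html.toLowerCase();
    for (String marker : new String[] {"<script", "onclick", "onerror", "javascript:"}) {
      if (lower.contains(marker)) {
        throw new IllegalStateException("unexpected active content: " + marker);
      }
    }
  }
}
```

Comparing the four printed lines shows which elements and attributes each combination keeps, which is a quick way to pick the narrowest policy that still renders the content you need.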