Package org.owasp.html
Class Sanitizers
- java.lang.Object
-
- org.owasp.html.Sanitizers
-
public final class Sanitizers extends Object
Pre-packaged HTML sanitizer policies.These policies can be used to sanitize content.
Sanitizers.FORMATTING.sanitize(
and can be chained"<b>Hello, World!</b>")PolicyFactory sanitizer = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS); System.out.println(sanitizer.sanitize(
"<p>Hello, <b>World!</b>"));For more fine-grained control over sanitization, use
HtmlPolicyBuilder.- Author:
- Mike Samuel ([email protected])
-
-
Field Summary
Fields Modifier and Type Field Description static PolicyFactoryBLOCKSAllows common block elements including<p>,<h1>, etc.static PolicyFactoryFORMATTINGAllows common formatting elements including<b>,<i>, etc.static PolicyFactoryIMAGESAllows<img>elements from HTTP, HTTPS, and relative sources.static PolicyFactoryLINKSAllows HTTP, HTTPS, MAILTO, and relative links.static PolicyFactorySTYLESAllows certain safe CSS properties instyle="..."attributes.static PolicyFactoryTABLESAllows common table elements.
-
-
-
Field Detail
-
FORMATTING
public static final PolicyFactory FORMATTING
Allows common formatting elements including<b>,<i>, etc.
-
BLOCKS
public static final PolicyFactory BLOCKS
Allows common block elements including<p>,<h1>, etc.
-
STYLES
public static final PolicyFactory STYLES
Allows certain safe CSS properties instyle="..."attributes.
-
LINKS
public static final PolicyFactory LINKS
Allows HTTP, HTTPS, MAILTO, and relative links.
-
TABLES
public static final PolicyFactory TABLES
Allows common table elements.
-
IMAGES
public static final PolicyFactory IMAGES
Allows<img>elements from HTTP, HTTPS, and relative sources.
-
-