Package | Description |
---|---|
org.owasp.html |
An efficient
HtmlSanitizer
configurable via a flexible
HtmlPolicyBuilder . |
org.owasp.html.examples |
Modifier and Type | Interface and Description |
---|---|
static interface |
HtmlSanitizer.Policy
Receives events based on the HTML stream, and applies a policy to decide
what HTML constructs to allow.
|
Modifier and Type | Class and Description |
---|---|
class |
HtmlStreamRenderer
Given a series of HTML tokens, writes valid, normalized HTML to the output.
|
class |
TagBalancingHtmlStreamEventReceiver
Wraps an HTML stream event receiver to fill in missing close tags.
|
Modifier and Type | Method and Description |
---|---|
HtmlSanitizer.Policy |
PolicyFactory.apply(HtmlStreamEventReceiver out)
Produces a sanitizer that emits tokens to out.
|
HtmlSanitizer.Policy |
HtmlPolicyBuilder.build(HtmlStreamEventReceiver out)
Produces a policy based on the allow and disallow calls previously made.
|
Constructor and Description |
---|
TagBalancingHtmlStreamEventReceiver(HtmlStreamEventReceiver underlying) |
Modifier and Type | Field and Description |
---|---|
static com.google.common.base.Function<HtmlStreamEventReceiver,HtmlSanitizer.Policy> |
SlashdotPolicyExample.POLICY_DEFINITION
A policy definition that matches the minimal HTML that Slashdot allows.
|
static com.google.common.base.Function<HtmlStreamEventReceiver,HtmlSanitizer.Policy> |
EbayPolicyExample.POLICY_DEFINITION |
Copyright © 2016 OWASP. All rights reserved.