@ParametersAreNonnullByDefault
Package org.owasp.html
An efficient
HtmlSanitizer
configurable via a flexible
HtmlPolicyBuilder
.- Author:
- Mike Samuel
-
Interface Summary Interface Description AttributePolicy A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.ElementPolicy A policy that can be applied to an element to decide whether or not to allow it in the output, possibly after transforming attributes.Handler<T> Receives notification of problems.HtmlSanitizer.Policy Receives events based on the HTML stream, and applies a policy to decide what HTML constructs to allow.HtmlStreamEventReceiver A light-weight SAX-like listener for HTML. -
Class Summary Class Description AttributePolicy.Util Utilities for working with attribute policies.ElementPolicy.Util Utilities for working with element policies.FilterUrlByProtocolAttributePolicy An attribute policy for attributes whose values are URLs that requires that the value have no protocol or have an allowed protocol.HtmlPolicyBuilder Conveniences for configuring policies for theHtmlSanitizer
.HtmlSanitizer Consumes an HTML stream, and dispatches events to a policy object which decides which elements and attributes to allow.HtmlStreamRenderer Given a series of HTML tokens, writes valid, normalized HTML to the output.PolicyFactory Sanitizers Pre-packaged HTML sanitizer policies.TagBalancingHtmlStreamEventReceiver Wraps an HTML stream event receiver to fill in missing close tags. -
Annotation Types Summary Annotation Type Description TCB Indicates that a program element is in the trusted computing base -- there exists a security property that could be violated if this code is not correct.