Modifier and Type | Field and Description |
---|---|
static org.owasp.html.PolicyFactory | BLOCK_ALL_POLICY |
static org.owasp.html.PolicyFactory | COMMENTS_BOX_POLICY |
static org.owasp.html.PolicyFactory | STANDARD_POLICY |
static org.owasp.html.PolicyFactory | STANDARD_POLICY_WITH_IMAGES |
static Pattern | stripTagsPattern |
Constructor and Description |
---|
Sanitize() |
Modifier and Type | Method and Description |
---|---|
static String | basicSanitize(String s) Strips all dangerous JavaScript and all block HTML that could ruin the page. Allows only a limited whitelist of tags. |
static String | basicSanitizeWithImages(String s) |
static String | commentSanitize(String s) Standard policy for a blog comment box. |
static String | escapeHtmlAttribute(String s) |
static String | escapeXml(String s) |
static Object | htmlSafeJson(Object obj) |
static Object | htmlSafeJson(Object obj, String restrictionLevel) Gets the object in a JSON form that is safe to output on a web page: `<script> var myObj = {{ utils.htmlSafeJson(obj, "member") }} </script>` |
static String | stripAll(String s) Strips all HTML. |
public static final org.owasp.html.PolicyFactory COMMENTS_BOX_POLICY
public static final org.owasp.html.PolicyFactory STANDARD_POLICY
public static final org.owasp.html.PolicyFactory STANDARD_POLICY_WITH_IMAGES
public static final org.owasp.html.PolicyFactory BLOCK_ALL_POLICY
public static Pattern stripTagsPattern
public Sanitize()
public static String commentSanitize(String s)
Parameters:
- s
public static String basicSanitize(String s)
Parameters:
- s
public static String basicSanitizeWithImages(String s)
public static String escapeHtmlAttribute(String s)
public static Object htmlSafeJson(Object obj)
public static Object htmlSafeJson(Object obj, String restrictionLevel)
Parameters:
- obj
- restrictionLevel - Uses the JsonView annotation to determine which properties of the object should be output. Possible values are: unrestricted/public/member/owner/internal
Copyright © 2016. All rights reserved.