@ParametersAreNonnullByDefault

Package org.owasp.html

An efficient HtmlSanitizer configurable via a flexible HtmlPolicyBuilder.

See: Description

Interface Summary

Interface	Description
AttributePolicy	A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.
ElementPolicy	A policy that can be applied to an element to decide whether or not to allow it in the output, possibly after transforming attributes.
Handler<T>	Receives notification of problems.
HtmlChangeListener<T>	Receives events when an HTML tag, or attribute is discarded.
HtmlSanitizer.Policy	Receives events based on the HTML stream, and applies a policy to decide what HTML constructs to allow.
HtmlStreamEventReceiver	A light-weight SAX-like listener for HTML.

Class Summary

Class	Description
AttributePolicy.Util	Utilities for working with attribute policies.
CssSchema	Describes the kinds of tokens a CSS property's value can safely contain.
ElementPolicy.Util	Utilities for working with element policies.
FilterUrlByProtocolAttributePolicy	An attribute policy for attributes whose values are URLs that requires that the value have no protocol or have an allowed protocol.
HtmlChangeReporter<T>	Sits between the HTML parser, and then policy, and the renderer so that it can report dropped elements and attributes to an HtmlChangeListener.
HtmlPolicyBuilder	Conveniences for configuring policies for the HtmlSanitizer.
HtmlSanitizer	Consumes an HTML stream, and dispatches events to a policy object which decides which elements and attributes to allow.
HtmlStreamRenderer	Given a series of HTML tokens, writes valid, normalized HTML to the output.
PolicyFactory	A factory that can be used to link a sanitizer to an output receiver and that provides a convenient sanitize method and a and method to compose policies.
Sanitizers	Pre-packaged HTML sanitizer policies.
TagBalancingHtmlStreamEventReceiver	Wraps an HTML stream event receiver to fill in missing close tags.

Enum Summary

Enum	Description
HtmlTextEscapingMode	From section 8.1.2.6 of http://www.whatwg.org/specs/web-apps/current-work/

Annotation Types Summary

Annotation Type	Description
TCB	Indicates that a program element is in the trusted computing base -- there exists a security property that could be violated if this code is not correct.

Package org.owasp.html Description

An efficient HtmlSanitizer configurable via a flexible HtmlPolicyBuilder.

Author:

Mike Samuel ([email protected])