Skip navigation links
 
A B C D E F G H I J L M N O P R S T U V W 

A

allowAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Returns an object that lets you associate policies with the given attributes, and allow them globally or on specific elements.
allowCommonBlockElements() - Method in class org.owasp.html.HtmlPolicyBuilder
A canned policy that allows a number of common block elements.
allowCommonInlineFormattingElements() - Method in class org.owasp.html.HtmlPolicyBuilder
A canned policy that allows a number of common formatting elements.
allowedProperties() - Method in class org.owasp.html.CssSchema
The set of CSS properties allowed by this schema.
allowElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Allows the named elements.
allowElements(ElementPolicy, String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Allow the given elements with the given policy.
allowStandardUrlProtocols() - Method in class org.owasp.html.HtmlPolicyBuilder
A canned URL protocol policy that allows http, https, and mailto.
allowStyling() - Method in class org.owasp.html.HtmlPolicyBuilder
Convert style="<CSS>" to sanitized CSS which allows color, font-size, type-face, and other styling using the default schema; but which does not allow content to escape its clipping context.
allowStyling(CssSchema) - Method in class org.owasp.html.HtmlPolicyBuilder
Convert style="<CSS>" to sanitized CSS which allows color, font-size, type-face, and other styling using the given schema.
allowTextIn(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Allows text content in the named elements.
allowUrlProtocols(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Adds to the set of protocols that are allowed in URL attributes.
allowUrlsInStyles(AttributePolicy) - Method in class org.owasp.html.HtmlPolicyBuilder
Allow URLs in CSS styles.
allowWithoutAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Assuming the given elements are allowed, allows them to appear without attributes.
and(PolicyFactory) - Method in class org.owasp.html.PolicyFactory
Produces a factory that allows the union of the grants, and intersects policies where they overlap on a particular granted attribute or element name.
apply(String, String, String) - Method in interface org.owasp.html.AttributePolicy
 
apply(String, String, String) - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy
 
apply(String, List<String>) - Method in interface org.owasp.html.ElementPolicy
 
apply(HtmlStreamEventReceiver) - Method in class org.owasp.html.PolicyFactory
Produces a sanitizer that emits tokens to out.
apply(HtmlStreamEventReceiver, HtmlChangeListener<CTX>, CTX) - Method in class org.owasp.html.PolicyFactory
Produces a sanitizer that emits tokens to out and that notifies any listener of any dropped tags and attributes.
AttributePolicy - Interface in org.owasp.html
A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.
AttributePolicy.JoinableAttributePolicy - Interface in org.owasp.html
An attribute policy that is joinable.
AttributePolicy.Util - Class in org.owasp.html
Utilities for working with attribute policies.

B

bitMask - Variable in enum org.owasp.html.HtmlElementTables.TextContentModelBit
A single bit used internally to identify the bit in packed form.
BLOCKS - Static variable in class org.owasp.html.Sanitizers
Allows common block elements including <p>, <h1>, etc.
build(HtmlStreamEventReceiver) - Method in class org.owasp.html.HtmlPolicyBuilder
Produces a policy based on the allow and disallow calls previously made.
build(HtmlStreamEventReceiver, HtmlChangeListener<? super CTX>, CTX) - Method in class org.owasp.html.HtmlPolicyBuilder
Produces a policy based on the allow and disallow calls previously made.

C

canContain(int, int) - Method in class org.owasp.html.HtmlElementTables
True if parent can directly contain child.
canContainComment(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
Whether <!--...-> parses to a comment when it appears in the identified element.
canContainEntities(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
Whether &amp; parses to an HTML character reference when it appears in the identified element.
canContainPlainText(int) - Method in class org.owasp.html.HtmlElementTables
Whether parsing can produce an element with the given index that contains a text node that has human readable text instead of script or style source code.
canContainPlainText(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
Whether parsing can produce an element with the given index that contains a text node that has human readable text instead of script or style source code.
canContainText(int) - Method in class org.owasp.html.HtmlElementTables
Whether parsing can produce an element with the given index that contains a text node.
canContainText(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
Whether parsing can produce an element with the given index that contains a text node.
canonNameForIndex(int) - Method in class org.owasp.html.HtmlElementTables
The element index for the element with the given name.
canonNames - Variable in class org.owasp.html.HtmlElementTables.HtmlElementNames
Canonical element names by element index.
CDATA - org.owasp.html.HtmlTextEscapingMode
A span of text where HTML special characters are interpreted literally, as in a SCRIPT tag.
CDATA_SOMETIMES - org.owasp.html.HtmlTextEscapingMode
Like HtmlTextEscapingMode.CDATA but only for certain browsers.
close() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
closeDocument() - Method in interface org.owasp.html.HtmlStreamEventReceiver
Called first to indicate that no more events will be received.
closeDocument() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
closeDocument() - Method in class org.owasp.html.HtmlStreamRenderer
 
closeDocument() - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
closeTag(String) - Method in interface org.owasp.html.HtmlSanitizer.Policy
Called when an HTML tag like </foo> is seen in the input.
closeTag(String) - Method in interface org.owasp.html.HtmlStreamEventReceiver
Called to specify an end tag like </elementName>.
closeTag(String) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
closeTag(String) - Method in class org.owasp.html.HtmlStreamRenderer
 
closeTag(String) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
COMMENTS - org.owasp.html.HtmlElementTables.TextContentModelBit
 
compose(HtmlStreamEventProcessor, HtmlStreamEventProcessor) - Static method in class org.owasp.html.HtmlStreamEventProcessor.Processors
 
create(Appendable, Handler<? super IOException>, Handler<? super String>) - Static method in class org.owasp.html.HtmlStreamRenderer
Factory.
create(StringBuilder, Handler<? super String>) - Static method in class org.owasp.html.HtmlStreamRenderer
Factory.
CssSchema - Class in org.owasp.html
Describes the kinds of tokens a CSS property's value can safely contain.
CssSchema.Property - Class in org.owasp.html
Describes how CSS interprets tokens after the ":" for a property.

D

decodeHtml(String) - Static method in class org.owasp.html.Encoding
Decodes HTML entities to produce a string containing only valid Unicode scalar values.
DEFAULT - Static variable in class org.owasp.html.CssSchema
A schema that includes only those properties on the default schema white-list.
DEFAULT_RELS_ON_TARGETTED_LINKS - Static variable in class org.owasp.html.HtmlPolicyBuilder
These rel attribute values leaking information to the linked site, and prevents the linked page from redirecting your page to a phishing site when opened from a third-party link from your site.
DEFAULT_SKIP_IF_EMPTY - Static variable in class org.owasp.html.HtmlPolicyBuilder
The default set of elements that are removed if they have no attributes.
DenseElementSet(boolean[]) - Constructor for class org.owasp.html.HtmlElementTables.DenseElementSet
 
disallowAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Reverse an earlier attribute allow.
disallowElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Disallows the named elements.
disallowTextIn(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Disallows text in elements with the given name.
disallowUrlProtocols(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Reverses a decision made by HtmlPolicyBuilder.allowUrlProtocols(java.lang.String...).
disallowWithoutAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Disallows the given elements from appearing without attributes.
discardedAttributes(T, String, String...) - Method in interface org.owasp.html.HtmlChangeListener
Called when attributes are discarded from the input but the containing tag is not.
discardedTag(T, String) - Method in interface org.owasp.html.HtmlChangeListener
Called when a tag is discarded from the input.
DO_NOTHING - Static variable in interface org.owasp.html.Handler
A handler that does nothing given any input.

E

ElementPolicy - Interface in org.owasp.html
A policy that can be applied to an element to decide whether or not to allow it in the output, possibly after transforming attributes.
ElementPolicy.JoinableElementPolicy - Interface in org.owasp.html
 
ElementPolicy.Util - Class in org.owasp.html
Utilities for working with element policies.
encodeRcdataOnto(String, Appendable) - Static method in class org.owasp.html.Encoding
Appends an encoded form of plainText to putput where the encoding is sufficient to prevent an HTML parser from transitioning out of the RCDATA state.
Encoding - Class in org.owasp.html
Encoders and decoders for HTML.
Encoding() - Constructor for class org.owasp.html.Encoding
 
ENTITIES - org.owasp.html.HtmlElementTables.TextContentModelBit
 
equals(Object) - Method in class org.owasp.html.CssSchema.Property
 
equals(Object) - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy
 

F

FilterUrlByProtocolAttributePolicy - Class in org.owasp.html
An attribute policy for attributes whose values are URLs that requires that the value have no protocol or have an allowed protocol.
FilterUrlByProtocolAttributePolicy(Iterable<? extends String>) - Constructor for class org.owasp.html.FilterUrlByProtocolAttributePolicy
 
FORMATTING - Static variable in class org.owasp.html.Sanitizers
Allows common formatting elements including <b>, <i>, etc.

G

get(int) - Method in class org.owasp.html.HtmlElementTables.DenseElementSet
True iff the element at index i is in the set.
getElementIndexList(int, int) - Method in class org.owasp.html.HtmlElementTables.SparseElementMultitable
The element indices mapped to by (aIndex, bIndex).
getElementNameIndex(String) - Method in class org.owasp.html.HtmlElementTables.HtmlElementNames
The index of the given element name or otherwise the index of the custom element name
getModeForTag(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode
The mode used for content following a start tag with the given name.
getWrappedPolicy() - Method in class org.owasp.html.HtmlChangeReporter
The underlying policy.
getWrappedRenderer() - Method in class org.owasp.html.HtmlChangeReporter
The underlying renderer.
globally() - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Allows the given attributes on any elements but filters the attributes' values based on previous calls to matching(...).

H

handle(T) - Method in interface org.owasp.html.Handler
Called to handle x.
Handler<T> - Interface in org.owasp.html
Receives notification of problems.
hashCode() - Method in class org.owasp.html.CssSchema.Property
 
hashCode() - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy
 
HtmlChangeListener<T> - Interface in org.owasp.html
Receives events when an HTML tag, or attribute is discarded.
HtmlChangeReporter<T> - Class in org.owasp.html
Sits between the HTML parser, the policy, and the renderer so that it can report dropped elements and attributes to an HtmlChangeListener.
HtmlChangeReporter(HtmlStreamEventReceiver, HtmlChangeListener<? super T>, T) - Constructor for class org.owasp.html.HtmlChangeReporter
 
HtmlElementNames(List<String>) - Constructor for class org.owasp.html.HtmlElementTables.HtmlElementNames
 
HtmlElementTables - Class in org.owasp.html
Metadata about HTML elements.
HtmlElementTables(HtmlElementTables.HtmlElementNames, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.SparseElementToElements, HtmlElementTables.SparseElementMultitable, HtmlElementTables.TextContentModel, HtmlElementTables.DenseElementSet) - Constructor for class org.owasp.html.HtmlElementTables
 
HtmlElementTables.DenseElementSet - Class in org.owasp.html
A set of elements.
HtmlElementTables.HtmlElementNames - Class in org.owasp.html
Maps between element indices and element names.
HtmlElementTables.SparseElementMultitable - Class in org.owasp.html
Maps element to elements to lists of elements.
HtmlElementTables.SparseElementToElements - Class in org.owasp.html
Maps element indices to sets of the same.
HtmlElementTables.TextContentModel - Class in org.owasp.html
For each element, the kinds of character data it can contain.
HtmlElementTables.TextContentModelBit - Enum in org.owasp.html
Describes properties of the content that could be added to an element as a result of a parse that includes its open tag.
HtmlPolicyBuilder - Class in org.owasp.html
Conveniences for configuring policies for the HtmlSanitizer.
HtmlPolicyBuilder() - Constructor for class org.owasp.html.HtmlPolicyBuilder
 
HtmlPolicyBuilder.AttributeBuilder - Class in org.owasp.html
Builds the relationship between attributes, the values that they may have, and the elements on which they may appear.
HtmlSanitizer - Class in org.owasp.html
Consumes an HTML stream, and dispatches events to a policy object which decides which elements and attributes to allow.
HtmlSanitizer() - Constructor for class org.owasp.html.HtmlSanitizer
 
HtmlSanitizer.Policy - Interface in org.owasp.html
Receives events based on the HTML stream, and applies a policy to decide what HTML constructs to allow.
HtmlStreamEventProcessor - Interface in org.owasp.html
Receives the output sink to allow user-code to post-process events.
HtmlStreamEventProcessor.Processors - Class in org.owasp.html
 
HtmlStreamEventReceiver - Interface in org.owasp.html
A light-weight SAX-like listener for HTML.
HtmlStreamEventReceiverWrapper - Class in org.owasp.html
An event receiver that delegates to an underlying receiver and which may be overridden to do additional work.
HtmlStreamEventReceiverWrapper(HtmlStreamEventReceiver) - Constructor for class org.owasp.html.HtmlStreamEventReceiverWrapper
 
HtmlStreamRenderer - Class in org.owasp.html
Given a series of HTML tokens, writes valid, normalized HTML to the output.
HtmlTextEscapingMode - Enum in org.owasp.html
From section 8.1.2.6 of http://www.whatwg.org/specs/web-apps/current-work/

I

IDENTITY - Static variable in class org.owasp.html.HtmlStreamEventProcessor.Processors
A post-processor that returns the sink without wrapping it to do any additional work.
IDENTITY_ATTRIBUTE_POLICY - Static variable in interface org.owasp.html.AttributePolicy
An attribute policy that returns the value unchanged.
IDENTITY_ELEMENT_POLICY - Static variable in interface org.owasp.html.ElementPolicy
An element policy that returns the element unchanged.
IMAGES - Static variable in class org.owasp.html.Sanitizers
Allows <img> elements from HTTP, HTTPS, and relative sources.
indexForName(String) - Method in class org.owasp.html.HtmlElementTables
The element index for the element with the given name.
isAllowed(int, HtmlElementTables.TextContentModelBit) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
True if the given model bit is allowed within the element.
isDocumentOpen() - Method in class org.owasp.html.HtmlStreamRenderer
True if HtmlStreamRenderer.openDocument() has been called and HtmlStreamRenderer.closeDocument() has not subsequently been called.
isInterElementWhitespace(String) - Static method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
True if text is the value of an inter-element whitespace text node as defined by HTML5.
isRaw(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
True iff things that look like tags when they appear lexically within the element do in fact, parse to tags.
isTagFollowedByLiteralContent(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode
True if content immediately following the start tag must be treated as special CDATA so that <'s are not treated as starting tags, comments or directives.
isUnended(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel
True if parsing the element always proceeds to the end of input.
isVoidElement(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode
True iff the tag cannot contain any content -- will an HTML parser consider the element to have ended immediately after the start tag.

J

join(AttributePolicy...) - Static method in class org.owasp.html.AttributePolicy.Util
An attribute policy equivalent to applying all the given policies in order, failing early if any of them fails.
join(ElementPolicy...) - Static method in class org.owasp.html.ElementPolicy.Util
Given zero or more element policies, returns an element policy equivalent to applying them in order failing early if any of them fails.

L

LINKS - Static variable in class org.owasp.html.Sanitizers
Allows HTTP, HTTPS, MAILTO, and relative links.

M

main(String...) - Static method in class org.owasp.html.CssSchema
Dumps key and literal list to stdout for easy examination.
matching(boolean, String...) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Restrict the values allowed by later allow* calls to those supplied.
matching(boolean, Set<? extends String>) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Restrict the values allowed by later allow* calls to those supplied.
matching(Predicate<? super String>) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Restrict the values allowed by later allow* calls to those matching the given predicate.
matching(Pattern) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Restrict the values allowed by later allow* calls to those matching the pattern.
matching(AttributePolicy) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Filters and/or transforms the attribute values allowed by later allow* calls.

N

nElementTypes() - Method in class org.owasp.html.HtmlElementTables
The number of element types which is also the exclusive upper bound on element indices.

O

onElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
Allows the named attributes on the given elements but filters the attributes' values based on previous calls to matching(...).
openDocument() - Method in interface org.owasp.html.HtmlStreamEventReceiver
Called first to indicate that events follow.
openDocument() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
openDocument() - Method in class org.owasp.html.HtmlStreamRenderer
 
openDocument() - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
openTag(String, List<String>) - Method in interface org.owasp.html.HtmlSanitizer.Policy
Called when an HTML tag like <foo bar=baz> is seen in the input.
openTag(String, List<String>) - Method in interface org.owasp.html.HtmlStreamEventReceiver
Called to specify a tag with the given name and attributes.
openTag(String, List<String>) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
openTag(String, List<String>) - Method in class org.owasp.html.HtmlStreamRenderer
 
openTag(String, List<String>) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
org.owasp.html - package org.owasp.html
An efficient HtmlSanitizer configurable via a flexible HtmlPolicyBuilder.

P

PCDATA - org.owasp.html.HtmlTextEscapingMode
Normally escaped character data that breaks around comments and tags.
PLAIN_TEXT - org.owasp.html.HtmlElementTables.TextContentModelBit
 
PLAIN_TEXT - org.owasp.html.HtmlTextEscapingMode
A span of text where HTML special characters are interpreted literally, where there is no end tag.
PolicyFactory - Class in org.owasp.html
A factory that can be used to link a sanitizer to an output receiver and that provides a convenient sanitize method and a and method to compose policies.
Processors() - Constructor for class org.owasp.html.HtmlStreamEventProcessor.Processors
 
PROPAGATE - Static variable in interface org.owasp.html.Handler
A handler that re-raises an error, wrapping it in a runtime exception if necessary.
Property(int, ImmutableSet<String>, ImmutableMap<String, String>) - Constructor for class org.owasp.html.CssSchema.Property
 

R

RAW - org.owasp.html.HtmlElementTables.TextContentModelBit
 
RCDATA - org.owasp.html.HtmlTextEscapingMode
A span of text and character entity references where HTML special characters are interpreted literally, as in a TITLE tag.
REJECT_ALL_ATTRIBUTE_POLICY - Static variable in interface org.owasp.html.AttributePolicy
An attribute policy that rejects all values.
REJECT_ALL_ELEMENT_POLICY - Static variable in interface org.owasp.html.ElementPolicy
An element policy that rejects all elements.
requireRelNofollowOnLinks() - Method in class org.owasp.html.HtmlPolicyBuilder
Adds rel=nofollow to links.
requireRelsOnLinks(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Adds rel="..." to <a href="..."> tags beyond those in HtmlPolicyBuilder.DEFAULT_RELS_ON_TARGETTED_LINKS.
resumable(int) - Method in class org.owasp.html.HtmlElementTables
The elements that can be resumed after misnested inline tags.

S

sanitize(String) - Method in class org.owasp.html.PolicyFactory
A convenience function that sanitizes a string of HTML.
sanitize(String, HtmlChangeListener<CTX>, CTX) - Method in class org.owasp.html.PolicyFactory
A convenience function that sanitizes a string of HTML and reports the names of rejected element and attributes to listener.
sanitize(String, HtmlSanitizer.Policy) - Static method in class org.owasp.html.HtmlSanitizer
Sanitizes the given HTML by applying the given policy to it.
sanitize(String, HtmlSanitizer.Policy, HtmlStreamEventProcessor) - Static method in class org.owasp.html.HtmlSanitizer
Sanitizes the given HTML by applying the given policy to it.
Sanitizers - Class in org.owasp.html
Pre-packaged HTML sanitizer policies.
setNestingLimit(int) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
Set the maximum element nesting depth.
setPolicy(HtmlSanitizer.Policy) - Method in class org.owasp.html.HtmlChangeReporter
Associates an input channel.
skipRelsOnLinks(String...) - Method in class org.owasp.html.HtmlPolicyBuilder
Opts out of some of the HtmlPolicyBuilder.DEFAULT_RELS_ON_TARGETTED_LINKS from being added to links, and reverses previous calls to requireRelsOnLinks with the given link values.
SparseElementMultitable(int[][][]) - Constructor for class org.owasp.html.HtmlElementTables.SparseElementMultitable
 
SparseElementToElements(int[][]) - Constructor for class org.owasp.html.HtmlElementTables.SparseElementToElements
 
STYLES - Static variable in class org.owasp.html.Sanitizers
Allows certain safe CSS properties in style="..." attributes.

T

TABLES - Static variable in class org.owasp.html.Sanitizers
Allows common table elements.
TagBalancingHtmlStreamEventReceiver - Class in org.owasp.html
Wraps an HTML stream event receiver to fill in missing close tags.
TagBalancingHtmlStreamEventReceiver(HtmlStreamEventReceiver) - Constructor for class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
TCB - Annotation Type in org.owasp.html
Indicates that a program element is in the trusted computing base -- there exists a security property that could be violated if this code is not correct.
text(String) - Method in interface org.owasp.html.HtmlSanitizer.Policy
Called when textual content is seen.
text(String) - Method in interface org.owasp.html.HtmlStreamEventReceiver
Called to specify a text node.
text(String) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
 
text(String) - Method in class org.owasp.html.HtmlStreamRenderer
 
text(String) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
 
TEXT - org.owasp.html.HtmlElementTables.TextContentModelBit
 
TEXT_NODE - Static variable in class org.owasp.html.HtmlElementTables
Pseudo element index for text nodes.
TextContentModel(byte[]) - Constructor for class org.owasp.html.HtmlElementTables.TextContentModel
 
toFactory() - Method in class org.owasp.html.HtmlPolicyBuilder
Like HtmlPolicyBuilder.build(org.owasp.html.HtmlStreamEventReceiver) but can be reused to create many different policies each backed by a different output channel.

U

UNENDED - org.owasp.html.HtmlElementTables.TextContentModelBit
 
union(CssSchema...) - Static method in class org.owasp.html.CssSchema
A schema that represents the union of the input schemas.
unpack(int[], int) - Static method in class org.owasp.html.HtmlElementTables
Unpacks a boolean[] from an array of ints.
Util() - Constructor for class org.owasp.html.AttributePolicy.Util
 

V

valueOf(String) - Static method in enum org.owasp.html.HtmlElementTables.TextContentModelBit
Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode
Returns the enum constant of this type with the specified name.
values() - Static method in enum org.owasp.html.HtmlElementTables.TextContentModelBit
Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.owasp.html.HtmlTextEscapingMode
Returns an array containing the constants of this enum type, in the order they are declared.
VOID - org.owasp.html.HtmlTextEscapingMode
Cannot contain data.

W

withPostprocessor(HtmlStreamEventProcessor) - Method in class org.owasp.html.HtmlPolicyBuilder
Inserts a post-processor into the pipeline between the policy and the output sink.
withPreprocessor(HtmlStreamEventProcessor) - Method in class org.owasp.html.HtmlPolicyBuilder
Inserts a pre-processor into the pipeline between the lexer and the policy.
withProperties(Iterable<? extends String>) - Static method in class org.owasp.html.CssSchema
A schema that includes all and only the named properties.
withProperties(Map<? extends String, ? extends CssSchema.Property>) - Static method in class org.owasp.html.CssSchema
A schema that includes all and only the named properties.
wrap(HtmlStreamEventReceiver) - Method in interface org.owasp.html.HtmlStreamEventProcessor
 
A B C D E F G H I J L M N O P R S T U V W 
Skip navigation links

Copyright © 2019 OWASP. All rights reserved.