org.owasp.html (OWASP Java HTML Sanitizer 20211018.2 API)

An efficient HtmlSanitizer configurable via a flexible HtmlPolicyBuilder.

Author:: Mike Samuel ([email protected])

Interface Summary
Interface	Description
AttributePolicy	A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.
AttributePolicy.JoinableAttributePolicy	An attribute policy that is joinable.
ElementPolicy	A policy that can be applied to an element to decide whether or not to allow it in the output, possibly after transforming attributes.
ElementPolicy.JoinableElementPolicy
Handler<T>	Receives notification of problems.
HtmlChangeListener<T>	Receives events when an HTML tag, or attribute is discarded.
HtmlSanitizer.Policy	Receives events based on the HTML stream, and applies a policy to decide what HTML constructs to allow.
HtmlStreamEventProcessor	Receives the output sink to allow user-code to post-process events.
HtmlStreamEventReceiver	A light-weight SAX-like listener for HTML.

Class Summary
Class	Description
AttributePolicy.Util	Utilities for working with attribute policies.
CssSchema	Describes the kinds of tokens a CSS property's value can safely contain.
CssSchema.Property	Describes how CSS interprets tokens after the ":" for a property.
ElementPolicy.Util	Utilities for working with element policies.
Encoding	Encoders and decoders for HTML.
FilterUrlByProtocolAttributePolicy	An attribute policy for attributes whose values are URLs that requires that the value have no protocol or have an allowed protocol.
HtmlChangeReporter<T>	Sits between the HTML parser, the policy, and the renderer so that it can report dropped elements and attributes to an `HtmlChangeListener`.
HtmlElementTables	Metadata about HTML elements.
HtmlElementTables.DenseElementSet	A set of elements.
HtmlElementTables.HtmlElementNames	Maps between element indices and element names.
HtmlElementTables.SparseElementMultitable	Maps element to elements to lists of elements.
HtmlElementTables.SparseElementToElements	Maps element indices to sets of the same.
HtmlElementTables.TextContentModel	For each element, the kinds of character data it can contain.
HtmlPolicyBuilder	Conveniences for configuring policies for the `HtmlSanitizer`.
HtmlSanitizer	Consumes an HTML stream, and dispatches events to a policy object which decides which elements and attributes to allow.
HtmlStreamEventProcessor.Processors
HtmlStreamEventReceiverWrapper	An event receiver that delegates to an underlying receiver and which may be overridden to do additional work.
HtmlStreamRenderer	Given a series of HTML tokens, writes valid, normalized HTML to the output.
PolicyFactory	A factory that can be used to link a sanitizer to an output receiver and that provides a convenient `sanitize` method and a `and` method to compose policies.
Sanitizers	Pre-packaged HTML sanitizer policies.
TagBalancingHtmlStreamEventReceiver	Wraps an HTML stream event receiver to fill in missing close tags.

Enum Summary
Enum	Description
HtmlElementTables.TextContentModelBit	Describes properties of the content that could be added to an element as a result of a parse that includes its open tag.
HtmlTagSkipType
HtmlTextEscapingMode	From section 8.1.2.6 of http://www.whatwg.org/specs/web-apps/current-work/

Annotation Types Summary
Annotation Type	Description
TCB	Indicates that a program element is in the trusted computing base -- there exists a security property that could be violated if this code is not correct.

Package org.owasp.html