Index (OWASP Java HTML Sanitizer 20240325.1 API)

A B C D E F G H I J L M N O P R S T U V W
All Classes All Packages

A

allowAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Returns an object that lets you associate policies with the given attributes, and allow them globally or on specific elements.
allowCommonBlockElements() - Method in class org.owasp.html.HtmlPolicyBuilder: A canned policy that allows a number of common block elements.
allowCommonInlineFormattingElements() - Method in class org.owasp.html.HtmlPolicyBuilder: A canned policy that allows a number of common formatting elements.
allowedProperties() - Method in class org.owasp.html.CssSchema: The set of CSS properties allowed by this schema.
allowElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Allows the named elements.
allowElements(ElementPolicy, String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Allow the given elements with the given policy.
allowStandardUrlProtocols() - Method in class org.owasp.html.HtmlPolicyBuilder: A canned URL protocol policy that allows http, https, and mailto.
allowStyling() - Method in class org.owasp.html.HtmlPolicyBuilder: Convert style="<CSS>" to sanitized CSS which allows color, font-size, type-face, and other styling using the default schema; but which does not allow content to escape its clipping context.
allowStyling(CssSchema) - Method in class org.owasp.html.HtmlPolicyBuilder: Convert style="<CSS>" to sanitized CSS which allows color, font-size, type-face, and other styling using the given schema.
allowTextIn(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Allows text content in the named elements.
allowUrlProtocols(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Adds to the set of protocols that are allowed in URL attributes.
allowUrlsInStyles(AttributePolicy) - Method in class org.owasp.html.HtmlPolicyBuilder: Allow URLs in CSS styles.
allowWithoutAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Assuming the given elements are allowed, allows them to appear without attributes.
and(HtmlTagSkipType) - Method in enum org.owasp.html.HtmlTagSkipType
and(PolicyFactory) - Method in class org.owasp.html.PolicyFactory: Produces a factory that allows the union of the grants, and intersects policies where they overlap on a particular granted attribute or element name.
apply(String, String, String) - Method in interface org.owasp.html.AttributePolicy
apply(String, String, String) - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy
apply(String, List<String>) - Method in interface org.owasp.html.ElementPolicy
apply(HtmlStreamEventReceiver) - Method in class org.owasp.html.PolicyFactory: Produces a sanitizer that emits tokens to out.
apply(HtmlStreamEventReceiver, HtmlChangeListener<CTX>, CTX) - Method in class org.owasp.html.PolicyFactory: Produces a sanitizer that emits tokens to out and that notifies any listener of any dropped tags and attributes.
AttributePolicy - Interface in org.owasp.html: A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.
AttributePolicy.JoinableAttributePolicy - Interface in org.owasp.html: An attribute policy that is joinable.
AttributePolicy.Util - Class in org.owasp.html: Utilities for working with attribute policies.

B

bitMask - Variable in enum org.owasp.html.HtmlElementTables.TextContentModelBit: A single bit used internally to identify the bit in packed form.
BLOCKS - Static variable in class org.owasp.html.Sanitizers: Allows common block elements including <p>, <h1>, etc.
build(HtmlStreamEventReceiver) - Method in class org.owasp.html.HtmlPolicyBuilder: Produces a policy based on the allow and disallow calls previously made.
build(HtmlStreamEventReceiver, HtmlChangeListener<? super CTX>, CTX) - Method in class org.owasp.html.HtmlPolicyBuilder: Produces a policy based on the allow and disallow calls previously made.

C

canContain(int, int) - Method in class org.owasp.html.HtmlElementTables: True if parent can directly contain child.
canContainComment(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: Whether <!--...-> parses to a comment when it appears in the identified element.
canContainEntities(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: Whether & parses to an HTML character reference when it appears in the identified element.
canContainPlainText(int) - Method in class org.owasp.html.HtmlElementTables: Whether parsing can produce an element with the given index that contains a text node that has human readable text instead of script or style source code.
canContainPlainText(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: Whether parsing can produce an element with the given index that contains a text node that has human readable text instead of script or style source code.
canContainText(int) - Method in class org.owasp.html.HtmlElementTables: Whether parsing can produce an element with the given index that contains a text node.
canContainText(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: Whether parsing can produce an element with the given index that contains a text node.
canonNameForIndex(int) - Method in class org.owasp.html.HtmlElementTables: The element index for the element with the given name.
canonNames - Variable in class org.owasp.html.HtmlElementTables.HtmlElementNames: Canonical element names by element index.
CDATA - org.owasp.html.HtmlTextEscapingMode: A span of text where HTML special characters are interpreted literally, as in a SCRIPT tag.
CDATA_SOMETIMES - org.owasp.html.HtmlTextEscapingMode: Like HtmlTextEscapingMode.CDATA but only for certain browsers.
close() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
closeDocument() - Method in interface org.owasp.html.HtmlStreamEventReceiver: Called first to indicate that no more events will be received.
closeDocument() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
closeDocument() - Method in class org.owasp.html.HtmlStreamRenderer
closeDocument() - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
closeTag(String) - Method in interface org.owasp.html.HtmlSanitizer.Policy: Called when an HTML tag like </foo> is seen in the input.
closeTag(String) - Method in interface org.owasp.html.HtmlStreamEventReceiver: Called to specify an end tag like </elementName>.
closeTag(String) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
closeTag(String) - Method in class org.owasp.html.HtmlStreamRenderer
closeTag(String) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
COMMENTS - org.owasp.html.HtmlElementTables.TextContentModelBit
compose(HtmlStreamEventProcessor, HtmlStreamEventProcessor) - Static method in class org.owasp.html.HtmlStreamEventProcessor.Processors
create(Appendable, Handler<? super IOException>, Handler<? super String>) - Static method in class org.owasp.html.HtmlStreamRenderer: Factory.
create(StringBuilder, Handler<? super String>) - Static method in class org.owasp.html.HtmlStreamRenderer: Factory.
CssSchema - Class in org.owasp.html: Describes the kinds of tokens a CSS property's value can safely contain.
CssSchema.Property - Class in org.owasp.html: Describes how CSS interprets tokens after the ":" for a property.

D

decodeHtml(String) - Static method in class org.owasp.html.Encoding: Deprecated.
specify whether s is in an attribute value
decodeHtml(String, boolean) - Static method in class org.owasp.html.Encoding: Decodes HTML entities to produce a string containing only valid Unicode scalar values.
DEFAULT - Static variable in class org.owasp.html.CssSchema: A schema that includes only those properties on the default schema white-list.
DEFAULT_RELS_ON_TARGETTED_LINKS - Static variable in class org.owasp.html.HtmlPolicyBuilder: These rel attribute values leaking information to the linked site, and prevents the linked page from redirecting your page to a phishing site when opened from a third-party link from your site.
DEFAULT_SKIP_IF_EMPTY - Static variable in class org.owasp.html.HtmlPolicyBuilder: The default set of elements that are removed if they have no attributes.
DenseElementSet(boolean[]) - Constructor for class org.owasp.html.HtmlElementTables.DenseElementSet
disallowAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Reverse an earlier attribute allow.
disallowElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Disallows the named elements.
disallowTextIn(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Disallows text in elements with the given name.
disallowUrlProtocols(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Reverses a decision made by HtmlPolicyBuilder.allowUrlProtocols(java.lang.String...).
disallowWithoutAttributes(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Disallows the given elements from appearing without attributes.
discardedAttributes(T, String, String...) - Method in interface org.owasp.html.HtmlChangeListener: Called when attributes are discarded from the input but the containing tag is not.
discardedTag(T, String) - Method in interface org.owasp.html.HtmlChangeListener: Called when a tag is discarded from the input.
DO_NOT_SKIP - org.owasp.html.HtmlTagSkipType
DO_NOT_SKIP_BY_DEFAULT - org.owasp.html.HtmlTagSkipType
DO_NOTHING - Static variable in interface org.owasp.html.Handler: A handler that does nothing given any input.

E

EbayPolicyExample - Class in org.owasp.html.examples: Based on the AntiSamy EBay example.
EbayPolicyExample() - Constructor for class org.owasp.html.examples.EbayPolicyExample
ElementPolicy - Interface in org.owasp.html: A policy that can be applied to an element to decide whether or not to allow it in the output, possibly after transforming attributes.
ElementPolicy.JoinableElementPolicy - Interface in org.owasp.html
ElementPolicy.Util - Class in org.owasp.html: Utilities for working with element policies.
encodeRcdataOnto(String, Appendable) - Static method in class org.owasp.html.Encoding: Appends an encoded form of plainText to putput where the encoding is sufficient to prevent an HTML parser from transitioning out of the RCDATA state.
Encoding - Class in org.owasp.html: Encoders and decoders for HTML.
Encoding() - Constructor for class org.owasp.html.Encoding
ENTITIES - org.owasp.html.HtmlElementTables.TextContentModelBit
equals(Object) - Method in class org.owasp.html.CssSchema.Property
equals(Object) - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy

F

FilterUrlByProtocolAttributePolicy - Class in org.owasp.html: An attribute policy for attributes whose values are URLs that requires that the value have no protocol or have an allowed protocol.
FilterUrlByProtocolAttributePolicy(Iterable<? extends String>) - Constructor for class org.owasp.html.FilterUrlByProtocolAttributePolicy
FORMATTING - Static variable in class org.owasp.html.Sanitizers: Allows common formatting elements including <b>, <i>, etc.

G

get(int) - Method in class org.owasp.html.HtmlElementTables.DenseElementSet: True iff the element at index i is in the set.
getElementIndexList(int, int) - Method in class org.owasp.html.HtmlElementTables.SparseElementMultitable: The element indices mapped to by (aIndex, bIndex).
getElementNameIndex(String) - Method in class org.owasp.html.HtmlElementTables.HtmlElementNames: The index of the given element name or otherwise the index of the custom element name
getModeForTag(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode: The mode used for content following a start tag with the given name.
getWrappedPolicy() - Method in class org.owasp.html.HtmlChangeReporter: The underlying policy.
getWrappedRenderer() - Method in class org.owasp.html.HtmlChangeReporter: The underlying renderer.
globally() - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Allows the given attributes on any elements but filters the attributes' values based on previous calls to matching(...).

H

handle(T) - Method in interface org.owasp.html.Handler: Called to handle x.
Handler<T> - Interface in org.owasp.html: Receives notification of problems.
hashCode() - Method in class org.owasp.html.CssSchema.Property
hashCode() - Method in class org.owasp.html.FilterUrlByProtocolAttributePolicy
HtmlChangeListener<T> - Interface in org.owasp.html: Receives events when an HTML tag, or attribute is discarded.
HtmlChangeReporter<T> - Class in org.owasp.html: Sits between the HTML parser, the policy, and the renderer so that it can report dropped elements and attributes to an HtmlChangeListener.
HtmlChangeReporter(HtmlStreamEventReceiver, HtmlChangeListener<? super T>, T) - Constructor for class org.owasp.html.HtmlChangeReporter
HtmlElementNames(List<String>) - Constructor for class org.owasp.html.HtmlElementTables.HtmlElementNames
HtmlElementTables - Class in org.owasp.html: Metadata about HTML elements.
HtmlElementTables(HtmlElementTables.HtmlElementNames, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.DenseElementBinaryMatrix, HtmlElementTables.SparseElementToElements, HtmlElementTables.SparseElementMultitable, HtmlElementTables.TextContentModel, HtmlElementTables.DenseElementSet) - Constructor for class org.owasp.html.HtmlElementTables
HtmlElementTables.DenseElementSet - Class in org.owasp.html: A set of elements.
HtmlElementTables.HtmlElementNames - Class in org.owasp.html: Maps between element indices and element names.
HtmlElementTables.SparseElementMultitable - Class in org.owasp.html: Maps element to elements to lists of elements.
HtmlElementTables.SparseElementToElements - Class in org.owasp.html: Maps element indices to sets of the same.
HtmlElementTables.TextContentModel - Class in org.owasp.html: For each element, the kinds of character data it can contain.
HtmlElementTables.TextContentModelBit - Enum in org.owasp.html: Describes properties of the content that could be added to an element as a result of a parse that includes its open tag.
HtmlPolicyBuilder - Class in org.owasp.html: Conveniences for configuring policies for the HtmlSanitizer.
HtmlPolicyBuilder() - Constructor for class org.owasp.html.HtmlPolicyBuilder
HtmlPolicyBuilder.AttributeBuilder - Class in org.owasp.html: Builds the relationship between attributes, the values that they may have, and the elements on which they may appear.
HtmlSanitizer - Class in org.owasp.html: Consumes an HTML stream, and dispatches events to a policy object which decides which elements and attributes to allow.
HtmlSanitizer() - Constructor for class org.owasp.html.HtmlSanitizer
HtmlSanitizer.Policy - Interface in org.owasp.html: Receives events based on the HTML stream, and applies a policy to decide what HTML constructs to allow.
HtmlStreamEventProcessor - Interface in org.owasp.html: Receives the output sink to allow user-code to post-process events.
HtmlStreamEventProcessor.Processors - Class in org.owasp.html
HtmlStreamEventReceiver - Interface in org.owasp.html: A light-weight SAX-like listener for HTML.
HtmlStreamEventReceiverWrapper - Class in org.owasp.html: An event receiver that delegates to an underlying receiver and which may be overridden to do additional work.
HtmlStreamEventReceiverWrapper(HtmlStreamEventReceiver) - Constructor for class org.owasp.html.HtmlStreamEventReceiverWrapper
HtmlStreamRenderer - Class in org.owasp.html: Given a series of HTML tokens, writes valid, normalized HTML to the output.
HtmlTagSkipType - Enum in org.owasp.html
HtmlTextEscapingMode - Enum in org.owasp.html: From section 8.1.2.6 of http://www.whatwg.org/specs/web-apps/current-work/

I

IDENTITY - Static variable in class org.owasp.html.HtmlStreamEventProcessor.Processors: A post-processor that returns the sink without wrapping it to do any additional work.
IDENTITY_ATTRIBUTE_POLICY - Static variable in interface org.owasp.html.AttributePolicy: An attribute policy that returns the value unchanged.
IDENTITY_ELEMENT_POLICY - Static variable in interface org.owasp.html.ElementPolicy: An element policy that returns the element unchanged.
IMAGES - Static variable in class org.owasp.html.Sanitizers: Allows <img> elements from HTTP, HTTPS, and relative sources.
indexForName(String) - Method in class org.owasp.html.HtmlElementTables: The element index for the element with the given name.
isAllowed(int, HtmlElementTables.TextContentModelBit) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: True if the given model bit is allowed within the element.
isDocumentOpen() - Method in class org.owasp.html.HtmlStreamRenderer: True if HtmlStreamRenderer.openDocument() has been called and HtmlStreamRenderer.closeDocument() has not subsequently been called.
isInterElementWhitespace(String) - Static method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver: True if text is the value of an inter-element whitespace text node as defined by HTML5.
isRaw(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: True iff things that look like tags when they appear lexically within the element do in fact, parse to tags.
isTagFollowedByLiteralContent(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode: True if content immediately following the start tag must be treated as special CDATA so that <'s are not treated as starting tags, comments or directives.
isUnended(int) - Method in class org.owasp.html.HtmlElementTables.TextContentModel: True if parsing the element always proceeds to the end of input.
isVoidElement(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode: True iff the tag cannot contain any content -- will an HTML parser consider the element to have ended immediately after the start tag.

J

join(AttributePolicy...) - Static method in class org.owasp.html.AttributePolicy.Util: An attribute policy equivalent to applying all the given policies in order, failing early if any of them fails.
join(ElementPolicy...) - Static method in class org.owasp.html.ElementPolicy.Util: Given zero or more element policies, returns an element policy equivalent to applying them in order failing early if any of them fails.

L

LINKS - Static variable in class org.owasp.html.Sanitizers: Allows HTTP, HTTPS, MAILTO, and relative links.

M

main(String...) - Static method in class org.owasp.html.CssSchema: Dumps key and literal list to stdout for easy examination.
main(String[]) - Static method in class org.owasp.html.examples.EbayPolicyExample: A test-bed that reads HTML from stdin and writes sanitized content to stdout.
main(String[]) - Static method in class org.owasp.html.examples.SlashdotPolicyExample: A test-bed that reads HTML from stdin and writes sanitized content to stdout.
main(String...) - Static method in class org.owasp.html.examples.UrlTextExample: Sanitizes each of its inputs (argv) and writes them to stdout with a line-break after each one.
matching(boolean, String...) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Restrict the values allowed by later allow* calls to those supplied.
matching(boolean, Set<? extends String>) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Restrict the values allowed by later allow* calls to those supplied.
matching(Predicate<? super String>) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Restrict the values allowed by later allow* calls to those matching the given predicate.
matching(Pattern) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Restrict the values allowed by later allow* calls to those matching the pattern.
matching(AttributePolicy) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Filters and/or transforms the attribute values allowed by later allow* calls.

N

nElementTypes() - Method in class org.owasp.html.HtmlElementTables: The number of element types which is also the exclusive upper bound on element indices.

O

onElements(String...) - Method in class org.owasp.html.HtmlPolicyBuilder.AttributeBuilder: Allows the named attributes on the given elements but filters the attributes' values based on previous calls to matching(...).
openDocument() - Method in interface org.owasp.html.HtmlStreamEventReceiver: Called first to indicate that events follow.
openDocument() - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
openDocument() - Method in class org.owasp.html.HtmlStreamRenderer
openDocument() - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
openTag(String, List<String>) - Method in interface org.owasp.html.HtmlSanitizer.Policy: Called when an HTML tag like <foo bar=baz> is seen in the input.
openTag(String, List<String>) - Method in interface org.owasp.html.HtmlStreamEventReceiver: Called to specify a tag with the given name and attributes.
openTag(String, List<String>) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
openTag(String, List<String>) - Method in class org.owasp.html.HtmlStreamRenderer
openTag(String, List<String>) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
org.owasp.html - package org.owasp.html: An efficient HtmlSanitizer configurable via a flexible HtmlPolicyBuilder.
org.owasp.html.examples - package org.owasp.html.examples

P

PCDATA - org.owasp.html.HtmlTextEscapingMode: Normally escaped character data that breaks around comments and tags.
PLAIN_TEXT - org.owasp.html.HtmlElementTables.TextContentModelBit
PLAIN_TEXT - org.owasp.html.HtmlTextEscapingMode: A span of text where HTML special characters are interpreted literally, where there is no end tag.
POLICY_DEFINITION - Static variable in class org.owasp.html.examples.EbayPolicyExample: A policy that can be used to produce policies that sanitize to HTML sinks via PolicyFactory.apply(org.owasp.html.HtmlStreamEventReceiver).
POLICY_DEFINITION - Static variable in class org.owasp.html.examples.SlashdotPolicyExample: A policy definition that matches the minimal HTML that Slashdot allows.
PolicyFactory - Class in org.owasp.html: A factory that can be used to link a sanitizer to an output receiver and that provides a convenient sanitize method and a and method to compose policies.
Processors() - Constructor for class org.owasp.html.HtmlStreamEventProcessor.Processors
PROPAGATE - Static variable in interface org.owasp.html.Handler: A handler that re-raises an error, wrapping it in a runtime exception if necessary.
Property(int, Set<String>, Map<String, String>) - Constructor for class org.owasp.html.CssSchema.Property

R

RAW - org.owasp.html.HtmlElementTables.TextContentModelBit
RCDATA - org.owasp.html.HtmlTextEscapingMode: A span of text and character entity references where HTML special characters are interpreted literally, as in a TITLE tag.
REJECT_ALL_ATTRIBUTE_POLICY - Static variable in interface org.owasp.html.AttributePolicy: An attribute policy that rejects all values.
REJECT_ALL_ELEMENT_POLICY - Static variable in interface org.owasp.html.ElementPolicy: An element policy that rejects all elements.
requireRelNofollowOnLinks() - Method in class org.owasp.html.HtmlPolicyBuilder: Adds rel=nofollow to links.
requireRelsOnLinks(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Adds rel="..." to <a href="..."> tags beyond those in HtmlPolicyBuilder.DEFAULT_RELS_ON_TARGETTED_LINKS.
resumable(int) - Method in class org.owasp.html.HtmlElementTables: The elements that can be resumed after misnested inline tags.
run(Appendable, String...) - Static method in class org.owasp.html.examples.UrlTextExample: Sanitizes inputs to out.

S

sanitize(String) - Method in class org.owasp.html.PolicyFactory: A convenience function that sanitizes a string of HTML.
sanitize(String, HtmlChangeListener<CTX>, CTX) - Method in class org.owasp.html.PolicyFactory: A convenience function that sanitizes a string of HTML and reports the names of rejected element and attributes to listener.
sanitize(String, HtmlSanitizer.Policy) - Static method in class org.owasp.html.HtmlSanitizer: Sanitizes the given HTML by applying the given policy to it.
sanitize(String, HtmlSanitizer.Policy, HtmlStreamEventProcessor) - Static method in class org.owasp.html.HtmlSanitizer: Sanitizes the given HTML by applying the given policy to it.
Sanitizers - Class in org.owasp.html: Pre-packaged HTML sanitizer policies.
setNestingLimit(int) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver: Set the maximum element nesting depth.
setPolicy(HtmlSanitizer.Policy) - Method in class org.owasp.html.HtmlChangeReporter: Associates an input channel.
SKIP - org.owasp.html.HtmlTagSkipType
SKIP_BY_DEFAULT - org.owasp.html.HtmlTagSkipType
skipAvailability() - Method in enum org.owasp.html.HtmlTagSkipType
skipRelsOnLinks(String...) - Method in class org.owasp.html.HtmlPolicyBuilder: Opts out of some of the HtmlPolicyBuilder.DEFAULT_RELS_ON_TARGETTED_LINKS from being added to links, and reverses previous calls to requireRelsOnLinks with the given link values.
SlashdotPolicyExample - Class in org.owasp.html.examples: Based on the AntiSamy Slashdot example.
SlashdotPolicyExample() - Constructor for class org.owasp.html.examples.SlashdotPolicyExample
SparseElementMultitable(int[][][]) - Constructor for class org.owasp.html.HtmlElementTables.SparseElementMultitable
SparseElementToElements(int[][]) - Constructor for class org.owasp.html.HtmlElementTables.SparseElementToElements
STYLES - Static variable in class org.owasp.html.Sanitizers: Allows certain safe CSS properties in style="..." attributes.

T

TABLES - Static variable in class org.owasp.html.Sanitizers: Allows common table elements.
TagBalancingHtmlStreamEventReceiver - Class in org.owasp.html: Wraps an HTML stream event receiver to fill in missing close tags.
TagBalancingHtmlStreamEventReceiver(HtmlStreamEventReceiver) - Constructor for class org.owasp.html.TagBalancingHtmlStreamEventReceiver
TCB - Annotation Type in org.owasp.html: Indicates that a program element is in the trusted computing base -- there exists a security property that could be violated if this code is not correct.
text(String) - Method in interface org.owasp.html.HtmlSanitizer.Policy: Called when textual content is seen.
text(String) - Method in interface org.owasp.html.HtmlStreamEventReceiver: Called to specify a text node.
text(String) - Method in class org.owasp.html.HtmlStreamEventReceiverWrapper
text(String) - Method in class org.owasp.html.HtmlStreamRenderer
text(String) - Method in class org.owasp.html.TagBalancingHtmlStreamEventReceiver
TEXT - org.owasp.html.HtmlElementTables.TextContentModelBit
TEXT_NODE - Static variable in class org.owasp.html.HtmlElementTables: Pseudo element index for text nodes.
TextContentModel(byte[]) - Constructor for class org.owasp.html.HtmlElementTables.TextContentModel
toFactory() - Method in class org.owasp.html.HtmlPolicyBuilder: Like HtmlPolicyBuilder.build(org.owasp.html.HtmlStreamEventReceiver) but can be reused to create many different policies each backed by a different output channel.

U

UNENDED - org.owasp.html.HtmlElementTables.TextContentModelBit
union(CssSchema...) - Static method in class org.owasp.html.CssSchema: A schema that represents the union of the input schemas.
unpack(int[], int) - Static method in class org.owasp.html.HtmlElementTables: Unpacks a boolean[] from an array of ints.
UrlTextExample - Class in org.owasp.html.examples: Uses a custom event receiver to emit the domain of a link or inline image after the link or image.
UrlTextExample() - Constructor for class org.owasp.html.examples.UrlTextExample
Util() - Constructor for class org.owasp.html.AttributePolicy.Util

V

valueOf(String) - Static method in enum org.owasp.html.HtmlElementTables.TextContentModelBit: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.owasp.html.HtmlTagSkipType: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.owasp.html.HtmlTextEscapingMode: Returns the enum constant of this type with the specified name.
values() - Static method in enum org.owasp.html.HtmlElementTables.TextContentModelBit: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.owasp.html.HtmlTagSkipType: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.owasp.html.HtmlTextEscapingMode: Returns an array containing the constants of this enum type, in the order they are declared.
VOID - org.owasp.html.HtmlTextEscapingMode: Cannot contain data.

W

withPostprocessor(HtmlStreamEventProcessor) - Method in class org.owasp.html.HtmlPolicyBuilder: Inserts a post-processor into the pipeline between the policy and the output sink.
withPreprocessor(HtmlStreamEventProcessor) - Method in class org.owasp.html.HtmlPolicyBuilder: Inserts a pre-processor into the pipeline between the lexer and the policy.
withProperties(Iterable<? extends String>) - Static method in class org.owasp.html.CssSchema: A schema that includes all and only the named properties.
withProperties(Map<? extends String, ? extends CssSchema.Property>) - Static method in class org.owasp.html.CssSchema: A schema that includes all and only the named properties.
wrap(HtmlStreamEventReceiver) - Method in interface org.owasp.html.HtmlStreamEventProcessor

A B C D E F G H I J L M N O P R S T U V W
All Classes All Packages