@ParametersAreNonnullByDefault
HtmlSanitizer
configurable via a flexible
HtmlPolicyBuilder.See: Description
| Interface | Description |
|---|---|
| AttributePolicy |
A policy that can be applied to an HTML attribute to decide whether or not to
allow it in the output, possibly after transforming its value.
|
| ElementPolicy |
A policy that can be applied to an element to decide whether or not to
allow it in the output, possibly after transforming attributes.
|
| ElementPolicy.JoinableElementPolicy | |
| Handler<T> |
Receives notification of problems.
|
| HtmlChangeListener<T> |
Receives events when an HTML tag, or attribute is discarded.
|
| HtmlSanitizer.Policy |
Receives events based on the HTML stream, and applies a policy to decide
what HTML constructs to allow.
|
| HtmlStreamEventProcessor |
Receives the output sink to allow user-code to post-process events.
|
| HtmlStreamEventReceiver |
A light-weight SAX-like listener for HTML.
|
| Class | Description |
|---|---|
| AttributePolicy.Util |
Utilities for working with attribute policies.
|
| CssSchema |
Describes the kinds of tokens a CSS property's value can safely contain.
|
| ElementPolicy.Util |
Utilities for working with element policies.
|
| FilterUrlByProtocolAttributePolicy |
An attribute policy for attributes whose values are URLs that requires that
the value have no protocol or have an allowed protocol.
|
| HtmlChangeReporter<T> |
Sits between the HTML parser, and then policy, and the renderer so that it
can report dropped elements and attributes to an
HtmlChangeListener. |
| HtmlElementTables |
Metadata about HTML elements.
|
| HtmlElementTables.DenseElementSet |
A set of elements.
|
| HtmlElementTables.HtmlElementNames |
Maps between element indices and element names.
|
| HtmlElementTables.SparseElementMultitable |
Maps element to elements to lists of elements.
|
| HtmlElementTables.SparseElementToElements |
Maps element indices to sets of the same.
|
| HtmlElementTables.TextContentModel |
For each element, the kinds of character data it can contain.
|
| HtmlPolicyBuilder |
Conveniences for configuring policies for the
HtmlSanitizer. |
| HtmlSanitizer |
Consumes an HTML stream, and dispatches events to a policy object which
decides which elements and attributes to allow.
|
| HtmlStreamEventProcessor.Processors | |
| HtmlStreamEventReceiverWrapper |
An event receiver that delegates to an underlying receiver and which may
be overridden to do additional work.
|
| HtmlStreamRenderer |
Given a series of HTML tokens, writes valid, normalized HTML to the output.
|
| PolicyFactory | |
| Sanitizers |
Pre-packaged HTML sanitizer policies.
|
| TagBalancingHtmlStreamEventReceiver |
Wraps an HTML stream event receiver to fill in missing close tags.
|
| Enum | Description |
|---|---|
| HtmlElementTables.TextContentModelBit |
Describes properties of the content that could be added to an element
as a result of a parse that includes its open tag.
|
| HtmlTextEscapingMode |
From section 8.1.2.6 of http://www.whatwg.org/specs/web-apps/current-work/
|
| Annotation Type | Description |
|---|---|
| TCB |
Indicates that a program element is in the trusted computing base --
there exists a security property that could be violated if this code is not
correct.
|
HtmlSanitizer
configurable via a flexible
HtmlPolicyBuilder.Copyright © 2017 OWASP. All rights reserved.