com.google.gwt.safehtml.shared.SimpleHtmlSanitizer
|
GWT 2.7.0 | |||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||
java.lang.Object
public final class SimpleHtmlSanitizer
A simple and relatively inexpensive HTML sanitizer.
This sanitizer accepts the subset of HTML consisting of the following attribute-free tags:
<b>, <em>, <i><h1>, <h2>, <h3>,
<h4>, <h5>, <h6><ul>, <ol>. <li><hr>
| Method Summary | |
|---|---|
static SimpleHtmlSanitizer |
getInstance()
Return a singleton SimpleHtmlSanitizer instance. |
SafeHtml |
sanitize(java.lang.String html)
Sanitizes a string into SafeHtml. |
static SafeHtml |
sanitizeHtml(java.lang.String html)
HTML-sanitizes a string. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
|---|
public static SimpleHtmlSanitizer getInstance()
public static SafeHtml sanitizeHtml(java.lang.String html)
The input string is processed as described above. The result of sanitizing
the string is guaranteed to be safe to use (with respect to XSS
vulnerabilities) in HTML contexts, and is returned as an instance of the
SafeHtml type.
html - the input String
public SafeHtml sanitize(java.lang.String html)
HtmlSanitizerSafeHtml.
sanitize in interface HtmlSanitizerhtml - String containing untrusted HTML.
html, sanitized according to the
policy implemented by this sanitizer.
|
GWT 2.7.0 | |||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||