Package cz.metacentrum.perun.core.impl
Class HTMLParser
java.lang.Object
cz.metacentrum.perun.core.impl.HTMLParser
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncheckEscapedHTML
(String escaped, String unescaped) Checks if the given input is sanitized.clear()
Clears the list of escaped tags and attributes.void
computeInvalidLink
(String input, String escaped) Computes the difference between all links in the escaped and unescaped input.String[]
Returns array of strings containing Error strings.Returns last input after the HTML sanitization process.static String
getMessage
(String[] escaped) Returns a string containing the tags and attributes that were removed during the sanitization.Returns last input used in the sanitizeHTML method.boolean
isCheckboxLabelSafe
(String input) Sanitizes input checkbox label.boolean
sanitizeHTML
(String input) Sanitizes the given input using the predefined policy.
-
Constructor Details
-
HTMLParser
public HTMLParser()
-
-
Method Details
-
getMessage
Returns a string containing the tags and attributes that were removed during the sanitization.- Parameters:
escaped
- - array of tags and attributes that were removed- Returns:
- message - string containing the tags and attributes that were removed
-
getMessage
-
checkEscapedHTML
-
checkEscapedHTML
Checks if the given input is sanitized.- Parameters:
escaped
- - sanitized inputunescaped
- - unsanitized input- Returns:
- String[] of tags that are not the same and were removed during the sanitization
-
clear
Clears the list of escaped tags and attributes. Recomputes the policy and resets the escapedHTML/unescapedHTML and escapedStrings. isInputValid is set to true. -
computeInvalidLink
Computes the difference between all links in the escaped and unescaped input.- Parameters:
input
- - unescaped inputescaped
- - escaped input
-
getEscaped
Returns array of strings containing Error strings. 0 -> tags, 1 -> attributes, 2 -> styles- Returns:
- escapedStrings - array of error strings
-
getEscapedHTML
Returns last input after the HTML sanitization process.- Returns:
- escapedHTML - sanitized HTML input
-
getRawInput
Returns last input used in the sanitizeHTML method.- Returns:
- escapedTags - list of escaped tags
-
isCheckboxLabelSafe
Sanitizes input checkbox label. Only elements with `href` and `target` attributes are allowed.- Parameters:
input
- checkbox label to sanitize- Returns:
- true if safe, false otherwise
-
isInputValid
public boolean isInputValid() -
sanitizeHTML
Sanitizes the given input using the predefined policy.- Parameters:
input
- - input to sanitize- Returns:
- sanitized input
-