1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2 <!--NewPage--> 3 <HTML> 4 <HEAD> 5 <META http-equiv="Content-Type" content="text/html; charset=UTF-8"> 6 <TITLE> 7 Uses of Class org.owasp.html.HtmlPolicyBuilder (OWASP Java HTML Sanitizer) 8 </TITLE> 9 10 11 <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../stylesheet.css" TITLE="Style"> 12 13 <SCRIPT type="text/javascript"> 14 function windowTitle() 15 { 16 if (location.href.indexOf('is-external=true') == -1) { 17 parent.document.title="Uses of Class org.owasp.html.HtmlPolicyBuilder (OWASP Java HTML Sanitizer)"; 18 } 19 } 20 </SCRIPT> 21 <NOSCRIPT> 22 </NOSCRIPT> 23 24 </HEAD> 25 26 <BODY BGCOLOR="white" onload="windowTitle();"> 27 <HR> 28 29 30 <!-- ========= START OF TOP NAVBAR ======= --> 31 <A NAME="navbar_top"><!-- --></A> 32 <A HREF="#skip-navbar_top" title="Skip navigation links"></A> 33 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> 34 <TR> 35 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> 36 <A NAME="navbar_top_firstrow"><!-- --></A> 37 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> 38 <TR ALIGN="center" VALIGN="top"> 39 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> 40 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> 41 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html"><FONT CLASS="NavBarFont1"><B>Class</B></FONT></A> </TD> 42 <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Use</B></FONT> </TD> 43 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> 44 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> 45 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> 46 </TR> 47 </TABLE> 48 </TD> 49 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> 50 <a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM> 51 </TD> 52 </TR> 53 54 <TR> 55 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 56 PREV 57 NEXT</FONT></TD> 58 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 59 <A HREF="../../../../index.html?org/owasp/html//class-useHtmlPolicyBuilder.html" target="_top"><B>FRAMES</B></A> 60 <A HREF="HtmlPolicyBuilder.html" target="_top"><B>NO FRAMES</B></A> 61 <SCRIPT type="text/javascript"> 62 <!-- 63 if(window==top) { 64 document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>'); 65 } 66 //--> 67 </SCRIPT> 68 <NOSCRIPT> 69 <A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A> 70 </NOSCRIPT> 71 72 73 </FONT></TD> 74 </TR> 75 </TABLE> 76 <A NAME="skip-navbar_top"></A> 77 <!-- ========= END OF TOP NAVBAR ========= --> 78 79 <HR> 80 <CENTER> 81 <H2> 82 <B>Uses of Class<br>org.owasp.html.HtmlPolicyBuilder</B></H2> 83 </CENTER> 84 85 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 86 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 87 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> 88 Packages that use <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></FONT></TH> 89 </TR> 90 <TR BGCOLOR="white" CLASS="TableRowColor"> 91 <TD><A HREF="#org.owasp.html"><B>org.owasp.html</B></A></TD> 92 <TD>An efficient <A HREF="../../../../org/owasp/html/HtmlSanitizer.html" title="class in org.owasp.html"><CODE>HtmlSanitizer</CODE></A> 93 configurable via a flexible 94 <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html"><CODE>HtmlPolicyBuilder</CODE></A>. </TD> 95 </TR> 96 </TABLE> 97 98 <P> 99 <A NAME="org.owasp.html"><!-- --></A> 100 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 101 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 102 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> 103 Uses of <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A> in <A HREF="../../../../org/owasp/html/package-summary.html">org.owasp.html</A></FONT></TH> 104 </TR> 105 </TABLE> 106 107 <P> 108 109 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 110 <TR BGCOLOR="#CCCCFF" CLASS="TableSubHeadingColor"> 111 <TH ALIGN="left" COLSPAN="2">Methods in <A HREF="../../../../org/owasp/html/package-summary.html">org.owasp.html</A> that return <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></FONT></TH> 112 </TR> 113 <TR BGCOLOR="white" CLASS="TableRowColor"> 114 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 115 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 116 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowCommonBlockElements()">allowCommonBlockElements</A></B>()</CODE> 117 118 <BR> 119 A canned policy that allows a number of common block elements.</TD> 120 </TR> 121 <TR BGCOLOR="white" CLASS="TableRowColor"> 122 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 123 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 124 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowCommonInlineFormattingElements()">allowCommonInlineFormattingElements</A></B>()</CODE> 125 126 <BR> 127 A canned policy that allows a number of common formatting elements.</TD> 128 </TR> 129 <TR BGCOLOR="white" CLASS="TableRowColor"> 130 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 131 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 132 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowElements(org.owasp.html.ElementPolicy, java.lang.String...)">allowElements</A></B>(<A HREF="../../../../org/owasp/html/ElementPolicy.html" title="interface in org.owasp.html">ElementPolicy</A> policy, 133 java.lang.String... elementNames)</CODE> 134 135 <BR> 136 Allow the given elements with the given policy.</TD> 137 </TR> 138 <TR BGCOLOR="white" CLASS="TableRowColor"> 139 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 140 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 141 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowElements(java.lang.String...)">allowElements</A></B>(java.lang.String... elementNames)</CODE> 142 143 <BR> 144 Allows the named elements.</TD> 145 </TR> 146 <TR BGCOLOR="white" CLASS="TableRowColor"> 147 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 148 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 149 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowStandardUrlProtocols()">allowStandardUrlProtocols</A></B>()</CODE> 150 151 <BR> 152 A canned URL protocol policy that allows <code>http</code>, 153 <code>https</code>, and <code>mailto</code>.</TD> 154 </TR> 155 <TR BGCOLOR="white" CLASS="TableRowColor"> 156 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 157 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 158 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowStyling()">allowStyling</A></B>()</CODE> 159 160 <BR> 161 Convert <code>style="<CSS>"</code> to sanitized CSS which allows 162 color, font-size, type-face, and other styling using the default schema; 163 but which does not allow content to escape its clipping context.</TD> 164 </TR> 165 <TR BGCOLOR="white" CLASS="TableRowColor"> 166 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 167 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 168 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowStyling(org.owasp.html.CssSchema)">allowStyling</A></B>(<A HREF="../../../../org/owasp/html/CssSchema.html" title="class in org.owasp.html">CssSchema</A> whitelist)</CODE> 169 170 <BR> 171 Convert <code>style="<CSS>"</code> to sanitized CSS which allows 172 color, font-size, type-face, and other styling using the given schema.</TD> 173 </TR> 174 <TR BGCOLOR="white" CLASS="TableRowColor"> 175 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 176 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 177 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowTextIn(java.lang.String...)">allowTextIn</A></B>(java.lang.String... elementNames)</CODE> 178 179 <BR> 180 Allows text content in the named elements.</TD> 181 </TR> 182 <TR BGCOLOR="white" CLASS="TableRowColor"> 183 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 184 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 185 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowUrlProtocols(java.lang.String...)">allowUrlProtocols</A></B>(java.lang.String... protocols)</CODE> 186 187 <BR> 188 Adds to the set of protocols that are allowed in URL attributes.</TD> 189 </TR> 190 <TR BGCOLOR="white" CLASS="TableRowColor"> 191 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 192 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 193 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowWithoutAttributes(java.lang.String...)">allowWithoutAttributes</A></B>(java.lang.String... elementNames)</CODE> 194 195 <BR> 196 Assuming the given elements are allowed, allows them to appear without 197 attributes.</TD> 198 </TR> 199 <TR BGCOLOR="white" CLASS="TableRowColor"> 200 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 201 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 202 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#disallowElements(java.lang.String...)">disallowElements</A></B>(java.lang.String... elementNames)</CODE> 203 204 <BR> 205 Disallows the named elements.</TD> 206 </TR> 207 <TR BGCOLOR="white" CLASS="TableRowColor"> 208 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 209 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 210 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#disallowTextIn(java.lang.String...)">disallowTextIn</A></B>(java.lang.String... elementNames)</CODE> 211 212 <BR> 213 </TD> 214 </TR> 215 <TR BGCOLOR="white" CLASS="TableRowColor"> 216 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 217 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 218 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#disallowUrlProtocols(java.lang.String...)">disallowUrlProtocols</A></B>(java.lang.String... protocols)</CODE> 219 220 <BR> 221 Reverses a decision made by <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#allowUrlProtocols(java.lang.String...)"><CODE>allowUrlProtocols(java.lang.String...)</CODE></A>.</TD> 222 </TR> 223 <TR BGCOLOR="white" CLASS="TableRowColor"> 224 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 225 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 226 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#disallowWithoutAttributes(java.lang.String...)">disallowWithoutAttributes</A></B>(java.lang.String... elementNames)</CODE> 227 228 <BR> 229 Disallows the given elements from appearing without attributes.</TD> 230 </TR> 231 <TR BGCOLOR="white" CLASS="TableRowColor"> 232 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 233 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 234 <TD><CODE><B>HtmlPolicyBuilder.AttributeBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.AttributeBuilder.html#globally()">globally</A></B>()</CODE> 235 236 <BR> 237 Allows the given attributes on any elements but filters the 238 attributes' values based on previous calls to <code>matching(...)</code>.</TD> 239 </TR> 240 <TR BGCOLOR="white" CLASS="TableRowColor"> 241 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 242 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 243 <TD><CODE><B>HtmlPolicyBuilder.AttributeBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.AttributeBuilder.html#onElements(java.lang.String...)">onElements</A></B>(java.lang.String... elementNames)</CODE> 244 245 <BR> 246 Allows the named attributes on the given elements but filters the 247 attributes' values based on previous calls to <code>matching(...)</code>.</TD> 248 </TR> 249 <TR BGCOLOR="white" CLASS="TableRowColor"> 250 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 251 <CODE> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html">HtmlPolicyBuilder</A></CODE></FONT></TD> 252 <TD><CODE><B>HtmlPolicyBuilder.</B><B><A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html#requireRelNofollowOnLinks()">requireRelNofollowOnLinks</A></B>()</CODE> 253 254 <BR> 255 Adds <a href="http://en.wikipedia.org/wiki/Nofollow"><code>rel=nofollow</code></a> 256 to links.</TD> 257 </TR> 258 </TABLE> 259 260 <P> 261 <HR> 262 263 264 <!-- ======= START OF BOTTOM NAVBAR ====== --> 265 <A NAME="navbar_bottom"><!-- --></A> 266 <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> 267 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> 268 <TR> 269 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> 270 <A NAME="navbar_bottom_firstrow"><!-- --></A> 271 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> 272 <TR ALIGN="center" VALIGN="top"> 273 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> 274 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> 275 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../org/owasp/html/HtmlPolicyBuilder.html" title="class in org.owasp.html"><FONT CLASS="NavBarFont1"><B>Class</B></FONT></A> </TD> 276 <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Use</B></FONT> </TD> 277 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> 278 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> 279 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> 280 </TR> 281 </TABLE> 282 </TD> 283 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> 284 <a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM> 285 </TD> 286 </TR> 287 288 <TR> 289 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 290 PREV 291 NEXT</FONT></TD> 292 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 293 <A HREF="../../../../index.html?org/owasp/html//class-useHtmlPolicyBuilder.html" target="_top"><B>FRAMES</B></A> 294 <A HREF="HtmlPolicyBuilder.html" target="_top"><B>NO FRAMES</B></A> 295 <SCRIPT type="text/javascript"> 296 <!-- 297 if(window==top) { 298 document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>'); 299 } 300 //--> 301 </SCRIPT> 302 <NOSCRIPT> 303 <A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A> 304 </NOSCRIPT> 305 306 307 </FONT></TD> 308 </TR> 309 </TABLE> 310 <A NAME="skip-navbar_bottom"></A> 311 <!-- ======== END OF BOTTOM NAVBAR ======= --> 312 313 <HR> 314 315 </BODY> 316 </HTML> 317
