Home | History | Annotate | Download | only in html 
      1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
      2 <!--NewPage-->
      3 <HTML>
      4 <HEAD>
      5 <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
      6 <TITLE>
      7 AttributePolicy (OWASP Java HTML Sanitizer)
      8 </TITLE>
      9 
     10 
     11 <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../stylesheet.css" TITLE="Style">
     12 
     13 <SCRIPT type="text/javascript">
     14 function windowTitle()
     15 {
     16     if (location.href.indexOf('is-external=true') == -1) {
     17         parent.document.title="AttributePolicy (OWASP Java HTML Sanitizer)";
     18     }
     19 }
     20 </SCRIPT>
     21 <NOSCRIPT>
     22 </NOSCRIPT>
     23 
     24 </HEAD>
     25 
     26 <BODY BGCOLOR="white" onload="windowTitle();">
     27 <HR>
     28 
     29 
     30 <!-- ========= START OF TOP NAVBAR ======= -->
     31 <A NAME="navbar_top"><!-- --></A>
     32 <A HREF="#skip-navbar_top" title="Skip navigation links"></A>
     33 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
     34 <TR>
     35 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
     36 <A NAME="navbar_top_firstrow"><!-- --></A>
     37 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
     38   <TR ALIGN="center" VALIGN="top">
     39   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
     40   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
     41   <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
     42   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/AttributePolicy.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
     43   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
     44   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
     45   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
     46   </TR>
     47 </TABLE>
     48 </TD>
     49 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
     50 <a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM>
     51 </TD>
     52 </TR>
     53 
     54 <TR>
     55 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
     56 &nbsp;PREV CLASS&nbsp;
     57 &nbsp;<A HREF="../../../org/owasp/html/AttributePolicy.Util.html" title="class in org.owasp.html"><B>NEXT CLASS</B></A></FONT></TD>
     58 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
     59   <A HREF="../../../index.html?org/owasp/html/AttributePolicy.html" target="_top"><B>FRAMES</B></A>  &nbsp;
     60 &nbsp;<A HREF="AttributePolicy.html" target="_top"><B>NO FRAMES</B></A>  &nbsp;
     61 &nbsp;<SCRIPT type="text/javascript">
     62   <!--
     63   if(window==top) {
     64     document.writeln('<A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>');
     65   }
     66   //-->
     67 </SCRIPT>
     68 <NOSCRIPT>
     69   <A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>
     70 </NOSCRIPT>
     71 
     72 
     73 </FONT></TD>
     74 </TR>
     75 <TR>
     76 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
     77   SUMMARY:&nbsp;<A HREF="#nested_class_summary">NESTED</A>&nbsp;|&nbsp;<A HREF="#field_summary">FIELD</A>&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
     78 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
     79 DETAIL:&nbsp;<A HREF="#field_detail">FIELD</A>&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
     80 </TR>
     81 </TABLE>
     82 <A NAME="skip-navbar_top"></A>
     83 <!-- ========= END OF TOP NAVBAR ========= -->
     84 
     85 <HR>
     86 <!-- ======== START OF CLASS DATA ======== -->
     87 <H2>
     88 <FONT SIZE="-1">
     89 org.owasp.html</FONT>
     90 <BR>
     91 Interface AttributePolicy</H2>
     92 <DL>
     93 <DT><B>All Known Implementing Classes:</B> <DD><A HREF="../../../org/owasp/html/FilterUrlByProtocolAttributePolicy.html" title="class in org.owasp.html">FilterUrlByProtocolAttributePolicy</A></DD>
     94 </DL>
     95 <HR>
     96 <DL>
     97 <DT><PRE>public interface <A HREF="../../../src-html/org/owasp/html/AttributePolicy.html#line.46"><B>AttributePolicy</B></A></DL>
     98 </PRE>
     99 
    100 <P>
    101 A policy that can be applied to an HTML attribute to decide whether or not to
    102  allow it in the output, possibly after transforming its value.
    103 <P>
    104 
    105 <P>
    106 <DL>
    107 <DT><B>Author:</B></DT>
    108   <DD>Mike Samuel <mikesamuel (a] gmail.com></DD>
    109 <DT><B>See Also:</B><DD><A HREF="../../../org/owasp/html/HtmlPolicyBuilder.AttributeBuilder.html#matching(org.owasp.html.AttributePolicy)"><CODE>HtmlPolicyBuilder.AttributeBuilder.matching(AttributePolicy)</CODE></A></DL>
    110 <HR>
    111 
    112 <P>
    113 <!-- ======== NESTED CLASS SUMMARY ======== -->
    114 
    115 <A NAME="nested_class_summary"><!-- --></A>
    116 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
    117 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
    118 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
    119 <B>Nested Class Summary</B></FONT></TH>
    120 </TR>
    121 <TR BGCOLOR="white" CLASS="TableRowColor">
    122 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
    123 <CODE>static&nbsp;class</CODE></FONT></TD>
    124 <TD><CODE><B><A HREF="../../../org/owasp/html/AttributePolicy.Util.html" title="class in org.owasp.html">AttributePolicy.Util</A></B></CODE>
    125 
    126 <BR>
    127 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Utilities for working with attribute policies.</TD>
    128 </TR>
    129 </TABLE>
    130 &nbsp;<!-- =========== FIELD SUMMARY =========== -->
    131 
    132 <A NAME="field_summary"><!-- --></A>
    133 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
    134 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
    135 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
    136 <B>Field Summary</B></FONT></TH>
    137 </TR>
    138 <TR BGCOLOR="white" CLASS="TableRowColor">
    139 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
    140 <CODE>static&nbsp;<A HREF="../../../org/owasp/html/AttributePolicy.html" title="interface in org.owasp.html">AttributePolicy</A></CODE></FONT></TD>
    141 <TD><CODE><B><A HREF="../../../org/owasp/html/AttributePolicy.html#IDENTITY_ATTRIBUTE_POLICY">IDENTITY_ATTRIBUTE_POLICY</A></B></CODE>
    142 
    143 <BR>
    144 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD>
    145 </TR>
    146 <TR BGCOLOR="white" CLASS="TableRowColor">
    147 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
    148 <CODE>static&nbsp;<A HREF="../../../org/owasp/html/AttributePolicy.html" title="interface in org.owasp.html">AttributePolicy</A></CODE></FONT></TD>
    149 <TD><CODE><B><A HREF="../../../org/owasp/html/AttributePolicy.html#REJECT_ALL_ATTRIBUTE_POLICY">REJECT_ALL_ATTRIBUTE_POLICY</A></B></CODE>
    150 
    151 <BR>
    152 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD>
    153 </TR>
    154 </TABLE>
    155 &nbsp;
    156 <!-- ========== METHOD SUMMARY =========== -->
    157 
    158 <A NAME="method_summary"><!-- --></A>
    159 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
    160 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
    161 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
    162 <B>Method Summary</B></FONT></TH>
    163 </TR>
    164 <TR BGCOLOR="white" CLASS="TableRowColor">
    165 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
    166 <CODE>&nbsp;java.lang.String</CODE></FONT></TD>
    167 <TD><CODE><B><A HREF="../../../org/owasp/html/AttributePolicy.html#apply(java.lang.String, java.lang.String, java.lang.String)">apply</A></B>(java.lang.String&nbsp;elementName,
    168            java.lang.String&nbsp;attributeName,
    169            java.lang.String&nbsp;value)</CODE>
    170 
    171 <BR>
    172 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD>
    173 </TR>
    174 </TABLE>
    175 &nbsp;
    176 <P>
    177 
    178 <!-- ============ FIELD DETAIL =========== -->
    179 
    180 <A NAME="field_detail"><!-- --></A>
    181 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
    182 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
    183 <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
    184 <B>Field Detail</B></FONT></TH>
    185 </TR>
    186 </TABLE>
    187 
    188 <A NAME="IDENTITY_ATTRIBUTE_POLICY"><!-- --></A><H3>
    189 IDENTITY_ATTRIBUTE_POLICY</H3>
    190 <PRE>
    191 static final <A HREF="../../../org/owasp/html/AttributePolicy.html" title="interface in org.owasp.html">AttributePolicy</A> <A HREF="../../../src-html/org/owasp/html/AttributePolicy.html#line.92"><B>IDENTITY_ATTRIBUTE_POLICY</B></A></PRE>
    192 <DL>
    193 <DL>
    194 </DL>
    195 </DL>
    196 <HR>
    197 
    198 <A NAME="REJECT_ALL_ATTRIBUTE_POLICY"><!-- --></A><H3>
    199 REJECT_ALL_ATTRIBUTE_POLICY</H3>
    200 <PRE>
    201 static final <A HREF="../../../org/owasp/html/AttributePolicy.html" title="interface in org.owasp.html">AttributePolicy</A> <A HREF="../../../src-html/org/owasp/html/AttributePolicy.html#line.100"><B>REJECT_ALL_ATTRIBUTE_POLICY</B></A></PRE>
    202 <DL>
    203 <DL>
    204 </DL>
    205 </DL>
    206 
    207 <!-- ============ METHOD DETAIL ========== -->
    208 
    209 <A NAME="method_detail"><!-- --></A>
    210 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
    211 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
    212 <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
    213 <B>Method Detail</B></FONT></TH>
    214 </TR>
    215 </TABLE>
    216 
    217 <A NAME="apply(java.lang.String, java.lang.String, java.lang.String)"><!-- --></A><H3>
    218 apply</H3>
    219 <PRE>
    220 <FONT SIZE="-1">@Nullable
    221 </FONT>java.lang.String <A HREF="../../../src-html/org/owasp/html/AttributePolicy.html#line.57"><B>apply</B></A>(java.lang.String&nbsp;elementName,
    222                                 java.lang.String&nbsp;attributeName,
    223                                 java.lang.String&nbsp;value)</PRE>
    224 <DL>
    225 <DD><DL>
    226 <DT><B>Parameters:</B><DD><CODE>elementName</CODE> - the lower-case element name.<DD><CODE>attributeName</CODE> - the lower-case attribute name.<DD><CODE>value</CODE> - the attribute value without quotes and with HTML entities
    227      decoded.
    228 <DT><B>Returns:</B><DD><code>null</code> to disallow the attribute or the adjusted value if
    229      allowed.</DL>
    230 </DD>
    231 </DL>
    232 <!-- ========= END OF CLASS DATA ========= -->
    233 <HR>
    234 
    235 
    236 <!-- ======= START OF BOTTOM NAVBAR ====== -->
    237 <A NAME="navbar_bottom"><!-- --></A>
    238 <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
    239 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
    240 <TR>
    241 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
    242 <A NAME="navbar_bottom_firstrow"><!-- --></A>
    243 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
    244   <TR ALIGN="center" VALIGN="top">
    245   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
    246   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
    247   <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
    248   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/AttributePolicy.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
    249   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
    250   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
    251   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
    252   </TR>
    253 </TABLE>
    254 </TD>
    255 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
    256 <a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM>
    257 </TD>
    258 </TR>
    259 
    260 <TR>
    261 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
    262 &nbsp;PREV CLASS&nbsp;
    263 &nbsp;<A HREF="../../../org/owasp/html/AttributePolicy.Util.html" title="class in org.owasp.html"><B>NEXT CLASS</B></A></FONT></TD>
    264 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
    265   <A HREF="../../../index.html?org/owasp/html/AttributePolicy.html" target="_top"><B>FRAMES</B></A>  &nbsp;
    266 &nbsp;<A HREF="AttributePolicy.html" target="_top"><B>NO FRAMES</B></A>  &nbsp;
    267 &nbsp;<SCRIPT type="text/javascript">
    268   <!--
    269   if(window==top) {
    270     document.writeln('<A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>');
    271   }
    272   //-->
    273 </SCRIPT>
    274 <NOSCRIPT>
    275   <A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>
    276 </NOSCRIPT>
    277 
    278 
    279 </FONT></TD>
    280 </TR>
    281 <TR>
    282 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
    283   SUMMARY:&nbsp;<A HREF="#nested_class_summary">NESTED</A>&nbsp;|&nbsp;<A HREF="#field_summary">FIELD</A>&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
    284 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
    285 DETAIL:&nbsp;<A HREF="#field_detail">FIELD</A>&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
    286 </TR>
    287 </TABLE>
    288 <A NAME="skip-navbar_bottom"></A>
    289 <!-- ======== END OF BOTTOM NAVBAR ======= -->
    290 
    291 <HR>
    292 
    293 </BODY>
    294 </HTML>
    295