Class DefaultUrlSanitizer

  • All Implemented Interfaces:
    UrlSanitizer

    public class DefaultUrlSanitizer
    extends java.lang.Object
    implements UrlSanitizer
    Allows http, https and mailto protocols for url. Also allows protocol relative urls, and relative urls. Implementation based on https://github.com/OWASP/java-html-sanitizer/blob/f07e44b034a45d94d6fd010279073c38b6933072/src/main/java/org/owasp/html/FilterUrlByProtocolAttributePolicy.java
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private java.util.Set<java.lang.String> protocols  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      private boolean isHtmlSpace​(int ch)  
      java.lang.String sanitizeImageUrl​(java.lang.String url)
      Sanitize a url for use in the src attribute of a Image.
      java.lang.String sanitizeLinkUrl​(java.lang.String url)
      Sanitize a url for use in the href attribute of a Link.
      private java.lang.String stripHtmlSpaces​(java.lang.String s)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • protocols

        private java.util.Set<java.lang.String> protocols
    • Constructor Detail

      • DefaultUrlSanitizer

        public DefaultUrlSanitizer()
      • DefaultUrlSanitizer

        public DefaultUrlSanitizer​(java.util.Collection<java.lang.String> protocols)
    • Method Detail

      • sanitizeLinkUrl

        public java.lang.String sanitizeLinkUrl​(java.lang.String url)
        Description copied from interface: UrlSanitizer
        Sanitize a url for use in the href attribute of a Link.
        Specified by:
        sanitizeLinkUrl in interface UrlSanitizer
        Parameters:
        url - Link to sanitize
        Returns:
        Sanitized link
      • sanitizeImageUrl

        public java.lang.String sanitizeImageUrl​(java.lang.String url)
        Description copied from interface: UrlSanitizer
        Sanitize a url for use in the src attribute of a Image.
        Specified by:
        sanitizeImageUrl in interface UrlSanitizer
        Parameters:
        url - Link to sanitize
        Returns:
        Sanitized link Image
      • stripHtmlSpaces

        private java.lang.String stripHtmlSpaces​(java.lang.String s)
      • isHtmlSpace

        private boolean isHtmlSpace​(int ch)