org.olat.core.util.filter.impl
Class OWASPAntiSamyXSSFilter

java.lang.Object
  org.olat.core.logging.LogDelegator
      org.olat.core.util.filter.impl.OWASPAntiSamyXSSFilter

All Implemented Interfaces:

Filter

public class OWASPAntiSamyXSSFilter
extends LogDelegator
implements Filter

Description:
OWASP AntiSamy XSSFilter creates a DOM-Tree, parses it and filters everything invalid out, expect items in the policy-file this is way better than trying to handle input by regexp's: http://htmlparsing.icenine.ca/doku.php/#summary OWASP AntiSamy docu: see http://www.owasp.org/index.php/AntiSamy HTML Parser based on: http://nekohtml.sourceforge.net/

Initial Date: 30.07.2009

Author:

Roman Haag, roman.haag@frentix.com

Constructor Summary

OWASPAntiSamyXSSFilter(int maxLength, boolean junitDebug)

Method Summary

java.lang.String	filter(java.lang.String original) Filter the original value and return the result.
java.lang.String	getOrPrintErrorMessages() get Errors/Messages from filter.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OWASPAntiSamyXSSFilter

public OWASPAntiSamyXSSFilter(int maxLength,
                              boolean junitDebug)

Parameters:

maxLength -

junitDebug -

Method Detail

filter

public java.lang.String filter(java.lang.String original)

Description copied from interface: Filter

Filter the original value and return the result. If the original value is NULL, the filter method will return NULL

Specified by:

filter in interface Filter

Returns:

See Also:

Filter.filter(java.lang.String)

getOrPrintErrorMessages

public java.lang.String getOrPrintErrorMessages()

get Errors/Messages from filter. This have not to be "errors", its what has been filtered and gets reported.

Returns: