HTMLSanitizer (eXo PLF:: Commons - Common Services 6.2.1 API)

java.lang.Object
- org.exoplatform.commons.utils.HTMLSanitizer

```
public abstract class HTMLSanitizer
extends Object
```
Prevent XSS/XEE attacks by encoding user HTML inputs. This class will be used to encode data in in presentation layer.

Version:

$Revision$

Author:

Khemais MENZLI

Field Summary

Fields
Modifier and Type	Field	Description
`static com.google.common.base.Function<org.owasp.html.HtmlStreamEventReceiver,org.owasp.html.HtmlSanitizer.Policy>`	`POLICY_DEFINITION`	A policy definition that matches the minimal HTML that eXo allows.

Constructor Summary

Constructors
Constructor Description

HTMLSanitizer()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static String`	`sanitize(String html)`	This service reads HTML from input forms and writes sanitized content to a StringBuffer

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - POLICY_DEFINITION
```
public static final com.google.common.base.Function<org.owasp.html.HtmlStreamEventReceiver,org.owasp.html.HtmlSanitizer.Policy> POLICY_DEFINITION
```
    A policy definition that matches the minimal HTML that eXo allows.
- Constructor Detail
  - HTMLSanitizer
```
public HTMLSanitizer()
```
- Method Detail
  - sanitize
```
public static String sanitize(String html)
                       throws Exception
```
    This service reads HTML from input forms and writes sanitized content to a StringBuffer
    
    Parameters:
    
    html - The String object
    
    Returns:
    
    The sanitized HTML to store in DB layer
    
    Throws:
    
    Exception