简体繁体中英

Selective HTML escaping with Java

原文 2012-07-30 09:13:51 9 2 java/ spring/ security/ xss/ apache-stringutils

Is there anything in JavaSE , Spring or Apache Commons StringUtils that would allow me to strip out HTML from a String but also supply a whitelist of HTML entities that I would like to allow?

Thanks

2 answers

You can take a look at OWASP AntiSamy project . It has default policy files, but you can tailor them to your needs; see the Developer Guide for details on that.

Using a regular expression was the answer here. There was no solution to this issue in any of the libraries available to me.

Html escaping in java?

Escaping html in Java

Java 5 HTML escaping To Prevent XSS

ASCII to HTML-Entities Escaping in Java

Java, JavaScript: Avoid escaping particular HTML tags

Escaping HTML in a Java Play Framework Scala Template

Escaping html in java accented characters with number representation

escaping +- and — in java

Selective serialization of Java Object

Java achieve selective synchronization

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Html escaping in java? Escaping html in Java Java 5 HTML escaping To Prevent XSS ASCII to HTML-Entities Escaping in Java Java, JavaScript: Avoid escaping particular HTML tags Escaping HTML in a Java Play Framework Scala Template Escaping html in java accented characters with number representation escaping +- and — in java Selective serialization of Java Object Java achieve selective synchronization

Related Tags

Selective HTML escaping with Java

Question

2 answers

solution1
0 2012-07-30 09:24:23

solution2
0 ACCPTED 2012-10-23 12:27:04

Selective HTML escaping with Java

Question

2 answers

solution1 0 2012-07-30 09:24:23

solution2 0 ACCPTED 2012-10-23 12:27:04

solution1
0 2012-07-30 09:24:23

solution2
0 ACCPTED 2012-10-23 12:27:04