public final class HTMLFilter extends Object
This code is licensed LGPLv3
This code is a Java port of the original work in PHP by Cal Hendersen. http://code.iamcal.com/php/lib_filter/
The trickiest part of the translation was handling the differences in regex handling between PHP and Java. These resources were helpful in the process:
http://java.sun.com/j2se/1.4.2/docs/api/java/util/regex/Pattern.html http://us2.php.net/manual/en/reference.pcre.pattern.modifiers.php http://www.regular-expressions.info/modifiers.html
A note on naming conventions: instance variables are prefixed with a "v"; global constants are in all caps.
Sample use: String input = ... String clean = new HTMLFilter().filter( input );
The class is not thread safe. Create a new instance if in doubt.
If you find bugs or have suggestions on improvement (especially regarding performance), please contact us. The latest version of this source, and our contact details, can be found at http://xss-html-filter.sf.net
| 构造器和说明 |
|---|
HTMLFilter()
Default constructor.
|
HTMLFilter(boolean debug)
Set debug flag to true.
|
HTMLFilter(Map<String,Object> conf)
Map-parameter configurable constructor.
|
| 限定符和类型 | 方法和说明 |
|---|---|
static String |
chr(int decimal) |
String |
filter(String input)
given a user submitted input String, filter out any invalid or restricted html.
|
static String |
htmlSpecialChars(String s) |
boolean |
isAlwaysMakeTags() |
boolean |
isStripComments() |
public HTMLFilter()
public HTMLFilter(boolean debug)
debug - turn debug on with a true argumentpublic static String chr(int decimal)
public String filter(String input)
input - text (i.e. submitted by a user) than may contain htmlpublic boolean isAlwaysMakeTags()
public boolean isStripComments()
Copyright © 2023. All rights reserved.