Class SanitizingConverter

  • All Implemented Interfaces:
    java.io.Serializable, javax.faces.convert.Converter<java.lang.Object>

    public class SanitizingConverter
    extends java.lang.Object
    implements javax.faces.convert.Converter<java.lang.Object>, java.io.Serializable
    Converter which sanitizes any input using an OWASP Java HTML Sanitizer PolicyFactory. Useful for cleansing input that is going to be displayed in an outputText with escape="false".
    Since:
    10.0.5
    See Also:
    Serialized Form
    • Field Summary

      • Fields inherited from interface javax.faces.convert.Converter

        DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE_PARAM_NAME
    • Method Summary

      Modifier and Type Method Description
      java.lang.Object getAsObject(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, java.lang.String value)
      java.lang.String getAsString(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, java.lang.Object o)
      org.owasp.html.PolicyFactory getPolicy()
      boolean isDecodeHtml()
      java.lang.String sanitize(java.lang.String value)
        Method to facilitate "mis-using" this class to sanitize data coming over the network
      void setDecodeHtml(boolean decodeHtml)
      void setPolicy(org.owasp.html.PolicyFactory policy)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • SanitizingConverter

        public SanitizingConverter()
    • Method Detail

      • sanitize

        public java.lang.String sanitize(java.lang.String value)
        Method to facilitate "mis-using" this class to sanitize data coming over the network
        Parameters:
        value - the value to sanitize
        Returns:
        sanitized string
      • getAsObject

        public java.lang.Object getAsObject(javax.faces.context.FacesContext fc,
                                            javax.faces.component.UIComponent uic,
                                            java.lang.String value)
        Specified by:
        getAsObject in interface javax.faces.convert.Converter<java.lang.Object>
      • getAsString

        public java.lang.String getAsString(javax.faces.context.FacesContext fc,
                                            javax.faces.component.UIComponent uic,
                                            java.lang.Object o)
        Specified by:
        getAsString in interface javax.faces.convert.Converter<java.lang.Object>
      • getPolicy

        public org.owasp.html.PolicyFactory getPolicy()
      • setPolicy

        public void setPolicy(org.owasp.html.PolicyFactory policy)
      • isDecodeHtml

        public boolean isDecodeHtml()
      • setDecodeHtml

        public void setDecodeHtml(boolean decodeHtml)
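
One way to configure the converter for the outputText escape="false" case from the class description, calling sanitize directly. This is an added example, not code from the original Javadoc or the project. It assumes the import path org.primefaces.extensions.converter (the page does not show the package), a hypothetical COMMENT_POLICY, and that decodeHtml controls entity decoding of the sanitized result.

```java
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;
// Assumption: the package is not shown on this page; adjust the import to your library version.
import org.primefaces.extensions.converter.SanitizingConverter;

public class SanitizingConverterExample {

    // Hypothetical allow-list policy: inline formatting, paragraphs and https links only.
    // Anything not listed (script, style, event handlers, other URL schemes) is dropped.
    static final PolicyFactory COMMENT_POLICY = Sanitizers.FORMATTING.and(
            new HtmlPolicyBuilder()
                    .allowElements("p", "br", "a")
                    .allowAttributes("href").onElements("a")
                    .allowUrlProtocols("https")
                    .requireRelNofollowOnLinks()
                    .toFactory());

    static SanitizingConverter newConverter() {
        SanitizingConverter converter = new SanitizingConverter();
        converter.setPolicy(COMMENT_POLICY);
        // Assumption: decodeHtml is not documented on this page. It is switched off here so
        // that entity-encoded text in the result is not turned back into markup before rendering.
        converter.setDecodeHtml(false);
        return converter;
    }

    public static void main(String[] args) {
        // Constructed sample input mixing allowed markup with content the policy does not list.
        String untrusted = "<p onclick=\"track()\">Hello <b>world</b>"
                + "<script>alert(1)</script> "
                + "<a href=\"javascript:alert(1)\">bad link</a> "
                + "<a href=\"https://example.org/\">good link</a></p>";

        String clean = newConverter().sanitize(untrusted);

        // Store or render only the sanitized value; the policy decides what markup survives.
        System.out.println(clean);

        // Sanity check a unit test would make on the result.
        if (clean.contains("<script") || clean.contains("onclick") || clean.contains("javascript:")) {
            throw new IllegalStateException("policy let active content through");
        }
    }
}
```

The policy is the security boundary here: output rendered with escape="false" is only as safe as the elements, attributes and URL protocols the PolicyFactory allows.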