Class HtmlSanitizerServiceImpl
java.lang.Object
org.nuxeo.runtime.model.DefaultComponent
org.nuxeo.ecm.platform.htmlsanitizer.HtmlSanitizerServiceImpl
- All Implemented Interfaces:
HtmlSanitizerService
,Adaptable
,Component
,Extensible
,TimestampedService
Service that sanitizes some HMTL fields to remove potential cross-site scripting attacks in them.
-
Field Summary
Modifier and TypeFieldDescriptionAll policies registered.All sanitizers registered.static final String
org.owasp.html.PolicyFactory
Effective policy.static final String
Effective sanitizers.Fields inherited from class org.nuxeo.runtime.model.DefaultComponent
lastModified, name
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected void
protected void
protected List<HtmlSanitizerDescriptor>
protected void
initializeBuilder
(org.owasp.html.HtmlPolicyBuilder builder) protected void
protected void
void
registerContribution
(Object contribution, String extensionPoint, ComponentInstance contributor) protected void
protected void
void
Sanitizes a document's fields, depending on the service configuration.sanitizeString
(String string, String info) Sanitizes a string.void
unregisterContribution
(Object contribution, String extensionPoint, ComponentInstance contributor) Methods inherited from class org.nuxeo.runtime.model.DefaultComponent
activate, addRuntimeMessage, addRuntimeMessage, deactivate, getAdapter, getDescriptor, getDescriptors, getLastModified, getRegistry, register, registerExtension, setLastModified, setModifiedNow, setName, start, stop, unregister, unregisterExtension
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.nuxeo.runtime.model.Component
getApplicationStartedOrder
-
Field Details
-
ANTISAMY_XP
- See Also:
-
SANITIZER_XP
- See Also:
-
allPolicies
All policies registered. -
policy
public org.owasp.html.PolicyFactory policyEffective policy. -
allSanitizers
All sanitizers registered. -
sanitizers
Effective sanitizers.
-
-
Constructor Details
-
HtmlSanitizerServiceImpl
public HtmlSanitizerServiceImpl()
-
-
Method Details
-
registerContribution
public void registerContribution(Object contribution, String extensionPoint, ComponentInstance contributor) - Overrides:
registerContribution
in classDefaultComponent
-
unregisterContribution
public void unregisterContribution(Object contribution, String extensionPoint, ComponentInstance contributor) - Overrides:
unregisterContribution
in classDefaultComponent
-
addAntiSamy
-
removeAntiSamy
-
refreshPolicy
protected void refreshPolicy() -
initializeBuilder
protected void initializeBuilder(org.owasp.html.HtmlPolicyBuilder builder) -
addSanitizer
-
removeSanitizer
-
refreshSanitizers
protected void refreshSanitizers() -
getSanitizers
-
sanitizeDocument
Description copied from interface:HtmlSanitizerService
Sanitizes a document's fields, depending on the service configuration.- Specified by:
sanitizeDocument
in interfaceHtmlSanitizerService
-
sanitizeString
Description copied from interface:HtmlSanitizerService
Sanitizes a string.- Specified by:
sanitizeString
in interfaceHtmlSanitizerService
- Parameters:
string
- the string to sanitizeinfo
- additional info logged when something is sanitized- Returns:
- the sanitized string
-