Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.owasp.validator.html
Class AntiSamy

java.lang.Object
  extended by org.owasp.validator.html.AntiSamy

public class AntiSamy
extends java.lang.Object

This is the only class from which the outside world should be calling. The scan() method holds the meat and potatoes of AntiSamy. The file contains a number of ways for scan()'ing depending on the accessibility of the policy file.

Author:
Arshan Dabirsiaghi

Field Summary
static int DOM
           
static int SAX
           
 
Constructor Summary
AntiSamy()
           
AntiSamy(Policy policy)
           
 
Method Summary
 java.lang.String getInputEncoding()
           
 java.lang.String getOutputEncoding()
           
 Policy getPolicy()
           
static void main(java.lang.String[] args)
          Main method for testing AntiSamy.
 CleanResults scan(java.lang.String taintedHTML)
          The meat and potatoes.
 CleanResults scan(java.lang.String taintedHTML, java.io.File policyFile)
          This method wraps scan() using the policy File object passed in.
 CleanResults scan(java.lang.String taintedHTML, int scanType)
           
 CleanResults scan(java.lang.String taintedHTML, Policy policy)
          This method wraps scan() using the Policy object passed in.
 CleanResults scan(java.lang.String taintedHTML, Policy policy, int scanType)
           
 CleanResults scan(java.lang.String taintedHTML, java.lang.String filename)
          This method wraps scan() using the Policy object passed in.
 void setInputEncoding(java.lang.String inputEncoding)
           
 void setOutputEncoding(java.lang.String outputEncoding)
           
 void setPolicy(Policy policy)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DOM

public static int DOM

SAX

public static int SAX
Constructor Detail

AntiSamy

public AntiSamy()

AntiSamy

public AntiSamy(Policy policy)
Method Detail

scan

public CleanResults scan(java.lang.String taintedHTML)
                  throws ScanException,
                         PolicyException
The meat and potatoes. The scan() family of methods are the only methods the outside world should be calling to invoke AntiSamy.

Parameters:
taintedHTML - Untrusted HTML which may contain malicious code.
inputEncoding - The encoding of the input.
outputEncoding - The encoding that the output should be in.
Returns:
A CleanResults object which contains information about the scan (including the results).
Throws:
ScanException - When there is a problem encountered while scanning the HTML.
PolicyException - When there is a problem reading the policy file.
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         int scanType)
                  throws ScanException,
                         PolicyException
Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         Policy policy)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the Policy object passed in.

Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         Policy policy,
                         int scanType)
                  throws ScanException,
                         PolicyException
Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         java.lang.String filename)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the Policy object passed in.

Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         java.io.File policyFile)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the policy File object passed in.

Throws:
ScanException
PolicyException

main

public static void main(java.lang.String[] args)
Main method for testing AntiSamy.

Parameters:
args - Command line arguments. Only 1 argument is processed, and it should be a URL or filename to run through AntiSamy using the default policy location.

getInputEncoding

public java.lang.String getInputEncoding()

setInputEncoding

public void setInputEncoding(java.lang.String inputEncoding)

getOutputEncoding

public java.lang.String getOutputEncoding()

setOutputEncoding

public void setOutputEncoding(java.lang.String outputEncoding)

getPolicy

public Policy getPolicy()

setPolicy

public void setPolicy(Policy policy)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011 The Open Web Application Security Project (OWASP). All Rights Reserved.