org.owasp.validator.html.scan
Class AntiSamyDOMScanner

java.lang.Object
  extended by org.owasp.validator.html.scan.AbstractAntiSamyScanner
      extended by org.owasp.validator.html.scan.AntiSamyDOMScanner

public class AntiSamyDOMScanner
extends AbstractAntiSamyScanner

This is where the magic lives. All the scanning/filtration logic resides here, but it should not be called directly. All scanning should be done through an AntiSamy.scan() method.

Author:
Arshan Dabirsiaghi
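
The recommended call path described above, as an added example that is not part of the original Javadoc or the project's own code: the scan goes through the AntiSamy facade, which selects the DOM scanner, instead of instantiating AntiSamyDOMScanner. The class name DomScanExample, the sanitize helper, the sample input and the policy path passed as args[0] are assumptions.

```java
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

// Hypothetical class name; not part of the AntiSamy code base.
public class DomScanExample {

    // Constructed sample input: allowed markup mixed with script content.
    static final String TAINTED =
        "<p>Hello <b>world</b><script>alert(1)</script>"
        + "<a href=\"javascript:void(0)\" onclick=\"x()\">link</a></p>";

    /** Hypothetical helper: returns sanitized HTML, or null if the scan failed. */
    static String sanitize(String html, Policy policy) throws PolicyException {
        try {
            // Go through the facade; AntiSamy.DOM selects the DOM scanner,
            // so AntiSamyDOMScanner is never constructed by application code.
            CleanResults cr = new AntiSamy().scan(html, policy, AntiSamy.DOM);

            // Each message describes something the policy removed or altered.
            // Log them: repeated hits from one source are worth alerting on.
            for (Object msg : cr.getErrorMessages()) {
                System.err.println("antisamy: " + msg);
            }
            return cr.getCleanHTML();
        } catch (ScanException e) {
            // Fail closed: never fall back to the unsanitized input.
            System.err.println("scan failed: " + e.getMessage());
            return null;
        }
    }

    public static void main(String[] args) throws PolicyException {
        // Assumption: args[0] is the path to an AntiSamy policy XML file,
        // for example one of the sample policies shipped with the project.
        Policy policy = Policy.getInstance(args[0]);
        String clean = sanitize(TAINTED, policy);
        System.out.println(clean == null ? "[rejected]" : clean);
    }
}
```

What survives in the output depends entirely on the policy file, so review the policy's tag and attribute rules before relying on the result.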

Field Summary
 
Fields inherited from class org.owasp.validator.html.scan.AbstractAntiSamyScanner
errorMessages, isNofollowAnchors, isValidateParamAsEmbed, locale, messages, policy
 
Constructor Summary
AntiSamyDOMScanner()
           
AntiSamyDOMScanner(Policy policy)
           
 
Method Summary
 CleanResults getResults()
           
static void main(java.lang.String[] args)
          This method replaces all entity codes with a normalized version of all entity references contained in order to reduce our encoding/parsing attack surface.
 CleanResults scan(java.lang.String html, java.lang.String inputEncoding, java.lang.String outputEncoding)
          This is where the magic lives.
 
Methods inherited from class org.owasp.validator.html.scan.AbstractAntiSamyScanner
addError, initializeErrors
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AntiSamyDOMScanner

public AntiSamyDOMScanner(Policy policy)

AntiSamyDOMScanner

public AntiSamyDOMScanner()
                   throws PolicyException
Throws:
PolicyException
Method Detail

scan

public CleanResults scan(java.lang.String html,
                         java.lang.String inputEncoding,
                         java.lang.String outputEncoding)
                  throws ScanException
This is where the magic lives.

Specified by:
scan in class AbstractAntiSamyScanner
Parameters:
html - A String whose contents we want to scan.
Returns:
A CleanResults object with an XMLDocumentFragment object and its String representation, as well as some scan statistics.
Throws:
ScanException

main

public static void main(java.lang.String[] args)
                 throws PolicyException
This method replaces all entity codes with a normalized version of all entity references contained in order to reduce our encoding/parsing attack surface.

Parameters:
txt - The string to be normalized.
Throws:
PolicyException

getResults

public CleanResults getResults()
Specified by:
getResults in class AbstractAntiSamyScanner


Copyright © 2011 The Open Web Application Security Project (OWASP). All Rights Reserved.