java.lang.Object
↳ com.google.gwt.safehtml.shared.SimpleHtmlSanitizer
A simple and relatively inexpensive HTML sanitizer.
This sanitizer accepts the subset of HTML consisting of the following attribute-free tags:
<b>, <em>, <i>, <h1>, <h2>, <h3>, <h4>, <h5>, <h6>, <ul>, <ol>, <li>, <hr>
Public Methods |
---|
Return a singleton SimpleHtmlSanitizer instance. |
Sanitizes a string into SafeHtml. |
HTML-sanitizes a string. |
Inherited Methods |
---|
From class java.lang.Object |
From interface com.google.gwt.safehtml.shared.HtmlSanitizer |
Return a singleton SimpleHtmlSanitizer instance.
Sanitizes a string into SafeHtml.
Parameter | Description |
---|---|
html | String containing untrusted HTML. |
Returns html, sanitized according to the policy implemented by this sanitizer.
HTML-sanitizes a string.
The input string is processed as described above. The result of sanitizing
the string is guaranteed to be safe to use (with respect to XSS
vulnerabilities) in HTML contexts, and is returned as an instance of the
SafeHtml type.
Parameter | Description |
---|---|
html | the input String |
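The allowlist policy described above, as an added Java sketch: only the listed tags, written without attributes, pass through, and this sketch escapes everything else as text. It is not GWT's source code; the class name AttributeFreeAllowlist, its escape and sanitize helpers and the sample inputs are constructed for illustration, it escapes every ampersand rather than passing entities through, and it assumes Java 9 or later for Set.of.

```java
import java.util.Locale;
import java.util.Set;

/** Added illustration of the policy described on this page; not GWT source. */
public class AttributeFreeAllowlist {
    // Tag names taken from the list on this page.
    private static final Set<String> ALLOWED = Set.of(
        "b", "em", "i", "h1", "h2", "h3", "h4", "h5", "h6", "ul", "ol", "li", "hr");

    /** Escapes HTML metacharacters. Assumption: entities are not passed through. */
    static String escape(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#39;");
    }

    /** Keeps exact <tag> and </tag> tokens from the allowlist; escapes all else. */
    static String sanitize(String untrusted) {
        String[] segments = untrusted.split("<", -1);
        StringBuilder out = new StringBuilder(escape(segments[0]));
        for (int i = 1; i < segments.length; i++) {
            String seg = segments[i];              // text that followed one '<'
            int end = seg.indexOf('>');
            int start = seg.startsWith("/") ? 1 : 0;
            String name = end > 0
                ? seg.substring(start, end).toLowerCase(Locale.ROOT) : null;
            if (name != null && ALLOWED.contains(name)) {
                // Re-emit a canonical tag; a tag with attributes fails the lookup.
                out.append(start == 1 ? "</" : "<").append(name).append('>')
                   .append(escape(seg.substring(end + 1)));
            } else {
                // Not an allowlisted tag: neutralise the '<' and escape the rest.
                out.append("&lt;").append(escape(seg));
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        String[] samples = {                       // constructed inputs
            "<b>bold</b> and <i>italic</i>",
            "<b onclick=\"track()\">attribute present</b>",
            "<script>track()</script>",
            "<UL><LI>upper-case tags</LI></UL>",
            "1 < 2 & 3 > 2",
        };
        for (String s : samples) System.out.println(sanitize(s));
    }
}
```

The second sample shows why the allowlist is attribute-free: the token between < and > must match a tag name exactly, so a tag carrying an event-handler attribute is escaped as text instead of being emitted as markup.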