org.owasp.validator.html
Class AntiSamy

java.lang.Object
  extended by org.owasp.validator.html.AntiSamy

public class AntiSamy
extends java.lang.Object

This is the only class that outside callers should use. The scan() method holds the meat and potatoes of AntiSamy. The class provides several scan() overloads, depending on how the policy file is made available to the caller.

Author:
Arshan Dabirsiaghi

Constructor Summary
AntiSamy()
           
AntiSamy(Policy policy)
           
 
Method Summary
 java.lang.String getInputEncoding()
           
 java.lang.String getOutputEncoding()
           
 Policy getPolicy()
           
static void main(java.lang.String[] args)
          Main method for testing AntiSamy.
 CleanResults scan(java.lang.String taintedHTML)
          The meat and potatoes.
 CleanResults scan(java.lang.String taintedHTML, java.io.File policyFile)
          This method wraps scan() using the policy File object passed in.
 CleanResults scan(java.lang.String taintedHTML, Policy policy)
          This method wraps scan() using the Policy object passed in.
 CleanResults scan(java.lang.String taintedHTML, java.lang.String filename)
          This method wraps scan() using the policy file name passed in.
 void setInputEncoding(java.lang.String inputEncoding)
           
 void setOutputEncoding(java.lang.String outputEncoding)
           
 void setPolicy(Policy policy)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AntiSamy

public AntiSamy()

AntiSamy

public AntiSamy(Policy policy)

Method Detail

scan

public CleanResults scan(java.lang.String taintedHTML)
                  throws ScanException,
                         PolicyException
The meat and potatoes. The scan() family of methods are the only methods the outside world should be calling to invoke AntiSamy.

Parameters:
taintedHTML - Untrusted HTML which may contain malicious code.
inputEncoding - The encoding of the input.
outputEncoding - The encoding that the output should be in.
Returns:
A CleanResults object which contains information about the scan (including the results).
Throws:
ScanException - When there is a problem encountered while scanning the HTML.
PolicyException - When there is a problem reading the policy file.

scan

public CleanResults scan(java.lang.String taintedHTML,
                         Policy policy)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the Policy object passed in.

Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         java.lang.String filename)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the policy file name passed in.

Throws:
ScanException
PolicyException

scan

public CleanResults scan(java.lang.String taintedHTML,
                         java.io.File policyFile)
                  throws ScanException,
                         PolicyException
This method wraps scan() using the policy File object passed in.

Throws:
ScanException
PolicyException
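
The following is an added usage example, not code from the AntiSamy project: it loads a policy once, reuses it for every scan(taintedHTML, policy) call, and fails closed when a scan cannot complete. The class name CommentSanitizer and the policy path are hypothetical; Policy.getInstance, CleanResults.getCleanHTML and CleanResults.getErrorMessages belong to the library's other classes and are not documented on this page.

```java
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

// Hypothetical wrapper class, added for illustration.
public class CommentSanitizer {

    // Placeholder path (assumption): point this at the policy XML your deployment ships.
    private static final String POLICY_PATH = "/path/to/antisamy-policy.xml";

    private final AntiSamy antiSamy = new AntiSamy();
    private final Policy policy;

    public CommentSanitizer() throws PolicyException {
        // Parse the policy once at start-up. A missing or malformed policy
        // surfaces here, before any untrusted input is accepted.
        this.policy = Policy.getInstance(POLICY_PATH);
    }

    /** Returns the sanitized markup, or an empty string if the input could not be scanned. */
    public String sanitize(String taintedHTML) {
        try {
            CleanResults results = antiSamy.scan(taintedHTML, policy);
            // Each message describes something the policy rejected or rewrote;
            // logging them gives visibility into what users are submitting.
            for (Object message : results.getErrorMessages()) {
                System.err.println("AntiSamy: " + message);
            }
            // Only the cleaned markup is ever returned, never the original input.
            return results.getCleanHTML();
        } catch (ScanException | PolicyException e) {
            // Fail closed: do not fall back to the unsanitized string.
            System.err.println("AntiSamy scan failed: " + e.getMessage());
            return "";
        }
    }

    public static void main(String[] args) throws PolicyException {
        // Constructed sample input: permitted markup followed by a script element.
        String tainted = "<p>Nice post!</p><script>alert(1)</script>";
        System.out.println(new CommentSanitizer().sanitize(tainted));
    }
}
```

What survives in the output depends entirely on the policy file in use, so review the policy itself before relying on the result.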

main

public static void main(java.lang.String[] args)
Main method for testing AntiSamy.

Parameters:
args - Command line arguments. Only 1 argument is processed, and it should be a URL or filename to run through AntiSamy using the default policy location.

getInputEncoding

public java.lang.String getInputEncoding()

setInputEncoding

public void setInputEncoding(java.lang.String inputEncoding)

getOutputEncoding

public java.lang.String getOutputEncoding()

setOutputEncoding

public void setOutputEncoding(java.lang.String outputEncoding)

getPolicy

public Policy getPolicy()

setPolicy

public void setPolicy(Policy policy)


Copyright © 2010 The Open Web Application Security Project (OWASP). All Rights Reserved.