org.owasp.validator.html
Class Policy

java.lang.Object
  extended by org.owasp.validator.html.Policy

public class Policy
extends java.lang.Object

Policy.java: This file holds the model for our policy engine.

Author:
Arshan Dabirsiaghi

Field Summary
static java.lang.String ACTION_FILTER
           
static java.lang.String ACTION_TRUNCATE
           
static java.lang.String ACTION_VALIDATE
           
static java.lang.String ANCHORS_NOFOLLOW
           
static java.util.regex.Pattern ANYTHING_REGEXP
           
static java.lang.String CONNECTION_TIMEOUT
           
static int DEFAULT_MAX_INPUT_SIZE
           
static int DEFAULT_MAX_STYLESHEET_IMPORTS
           
static java.lang.String EMBED_STYLESHEETS
           
static java.lang.String ENCODE_TAGS
           
static java.lang.String FORMAT_OUTPUT
           
static java.lang.String MAX_INPUT_SIZE
           
static java.lang.String OMIT_DOCTYPE_DECLARATION
           
static java.lang.String OMIT_XML_DECLARATION
           
static java.lang.String PRESERVE_COMMENTS
           
static java.lang.String PRESERVE_SPACE
           
static java.lang.String USE_XHTML
           
static java.lang.String VALIDATE_PARAM_AS_EMBED
           
 
Method Summary
 java.lang.String getDirective(java.lang.String name)
          Return a directive value based on a lookup name.
 Attribute getGlobalAttributeByName(java.lang.String name)
          A simple method for returning one of the entries by name.
static Policy getInstance()
          This retrieves a Policy based on a default location ("resources/antisamy.xml")
static Policy getInstance(java.io.File file)
          This retrieves a Policy based on the File object passed in
static Policy getInstance(java.io.InputStream inputStream)
          This retrieves a Policy based on the InputStream object passed in
static Policy getInstance(java.lang.String filename)
          This retrieves a Policy based on the file name passed in
 int getMaxInputSize()
          Returns the maximum input size.
 Property getPropertyByName(java.lang.String propertyName)
          Retrieves a CSS Property from the Policy.
 AntiSamyPattern getRegularExpression(java.lang.String name)
          A simple method for returning one of the entries by name.
 Tag getTagByName(java.lang.String tagName)
          Retrieves a Tag from the Policy.
 java.lang.String[] getTags()
          Return all the tags accepted by the Policy object.
 boolean isTagInListToEncode(java.lang.String s)
           
static void main(java.lang.String[] args)
          Main test unit.
 void setDirective(java.lang.String name, java.lang.String value)
          Set a directive for a value based on a name.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ANYTHING_REGEXP

public static final java.util.regex.Pattern ANYTHING_REGEXP

DEFAULT_MAX_INPUT_SIZE

public static final int DEFAULT_MAX_INPUT_SIZE
See Also:
Constant Field Values

DEFAULT_MAX_STYLESHEET_IMPORTS

public static final int DEFAULT_MAX_STYLESHEET_IMPORTS
See Also:
Constant Field Values

OMIT_XML_DECLARATION

public static final java.lang.String OMIT_XML_DECLARATION
See Also:
Constant Field Values

OMIT_DOCTYPE_DECLARATION

public static final java.lang.String OMIT_DOCTYPE_DECLARATION
See Also:
Constant Field Values

MAX_INPUT_SIZE

public static final java.lang.String MAX_INPUT_SIZE
See Also:
Constant Field Values

USE_XHTML

public static final java.lang.String USE_XHTML
See Also:
Constant Field Values

FORMAT_OUTPUT

public static final java.lang.String FORMAT_OUTPUT
See Also:
Constant Field Values

EMBED_STYLESHEETS

public static final java.lang.String EMBED_STYLESHEETS
See Also:
Constant Field Values

CONNECTION_TIMEOUT

public static final java.lang.String CONNECTION_TIMEOUT
See Also:
Constant Field Values

ANCHORS_NOFOLLOW

public static final java.lang.String ANCHORS_NOFOLLOW
See Also:
Constant Field Values

VALIDATE_PARAM_AS_EMBED

public static final java.lang.String VALIDATE_PARAM_AS_EMBED
See Also:
Constant Field Values

PRESERVE_SPACE

public static final java.lang.String PRESERVE_SPACE
See Also:
Constant Field Values

PRESERVE_COMMENTS

public static final java.lang.String PRESERVE_COMMENTS
See Also:
Constant Field Values

ENCODE_TAGS

public static final java.lang.String ENCODE_TAGS
See Also:
Constant Field Values

ACTION_VALIDATE

public static final java.lang.String ACTION_VALIDATE
See Also:
Constant Field Values

ACTION_FILTER

public static final java.lang.String ACTION_FILTER
See Also:
Constant Field Values

ACTION_TRUNCATE

public static final java.lang.String ACTION_TRUNCATE
See Also:
Constant Field Values
Method Detail

isTagInListToEncode

public boolean isTagInListToEncode(java.lang.String s)

getTagByName

public Tag getTagByName(java.lang.String tagName)
Retrieves a Tag from the Policy.

Parameters:
tagName - The name of the Tag to look up.
Returns:
The Tag associated with the name specified, or null if none is found.

getPropertyByName

public Property getPropertyByName(java.lang.String propertyName)
Retrieves a CSS Property from the Policy.

Parameters:
propertyName - The name of the CSS Property to look up.
Returns:
The CSS Property associated with the name specified, or null if none is found.

getInstance

public static Policy getInstance()
                          throws PolicyException
This retrieves a Policy based on a default location ("resources/antisamy.xml")

Returns:
A populated Policy object based on the XML policy file located in the default location.
Throws:
PolicyException - If the file is not found or there is a problem parsing the file.

getInstance

public static Policy getInstance(java.lang.String filename)
                          throws PolicyException
This retrieves a Policy based on the file name passed in

Parameters:
filename - The path to the XML policy file.
Returns:
A populated Policy object based on the XML policy file located in the location passed in.
Throws:
PolicyException - If the file is not found or there is a problem parsing the file.

getInstance

public static Policy getInstance(java.io.File file)
                          throws PolicyException
This retrieves a Policy based on the File object passed in

Parameters:
file - A File object which contains the XML policy information.
Returns:
A populated Policy object based on the XML policy file pointed to by the File parameter.
Throws:
PolicyException - If the file is not found or there is a problem parsing the file.

getInstance

public static Policy getInstance(java.io.InputStream inputStream)
                          throws PolicyException
This retrieves a Policy based on the InputStream object passed in

Parameters:
inputStream - An InputStream which contains the XML policy information.
Returns:
A populated Policy object based on the XML policy file pointed to by the inputStream parameter.
Throws:
PolicyException - If there is a problem parsing the input stream.

getRegularExpression

public AntiSamyPattern getRegularExpression(java.lang.String name)
A simple method for returning one of the entries by name.

Parameters:
name - The name of the common regexp we want to look up.
Returns:
An AntiSamyPattern associated with the lookup name specified.

getGlobalAttributeByName

public Attribute getGlobalAttributeByName(java.lang.String name)
A simple method for returning one of the entries by name.

Parameters:
name - The name of the global-attribute we want to look up.
Returns:
An Attribute associated with the global-attribute lookup name specified.

getTags

public java.lang.String[] getTags()
Return all the tags accepted by the Policy object.

Returns:
A String array of all the tag names accepted by the current Policy.

getDirective

public java.lang.String getDirective(java.lang.String name)
Return a directive value based on a lookup name.

Returns:
A String object containing the directive associated with the lookup name, or null if none is found.

setDirective

public void setDirective(java.lang.String name,
                         java.lang.String value)
Set a directive for a value based on a name.

Parameters:
name - A directive to set a value for.
value - The new value for the directive.

getMaxInputSize

public int getMaxInputSize()
Returns the maximum input size. If this value is not specified by the policy, the DEFAULT_MAX_INPUT_SIZE is used.

Returns:
the maximum input size.
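
The following is an added usage example, not code from the AntiSamy project: a startup check that loads a policy through getInstance(InputStream), fails closed on PolicyException, handles the null that getDirective returns for an unset directive, and rejects a policy whose maximum input size is above a deployment ceiling. The class name PolicyStartupCheck, the resource path and the ceiling value are assumptions made for the example.

```java
import java.io.IOException;
import java.io.InputStream;

import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;

public class PolicyStartupCheck {

    // Assumed values for this example; neither is an AntiSamy default.
    private static final String POLICY_RESOURCE = "/antisamy-policy.xml";
    private static final int MAX_ALLOWED_INPUT = 200000;

    /** Loads the policy from the classpath and refuses to continue if that fails. */
    static Policy loadOrFail() {
        try (InputStream in = PolicyStartupCheck.class.getResourceAsStream(POLICY_RESOURCE)) {
            if (in == null) {
                throw new IllegalStateException("Policy resource missing: " + POLICY_RESOURCE);
            }
            return Policy.getInstance(in);
        } catch (PolicyException | IOException e) {
            // Fail closed: never fall back to running without a sanitization policy.
            throw new IllegalStateException("Cannot load AntiSamy policy", e);
        }
    }

    /** getDirective returns null for an unset directive, so make the fallback explicit. */
    static String directiveOr(Policy policy, String name, String fallback) {
        String value = policy.getDirective(name);
        return value != null ? value : fallback;
    }

    public static void main(String[] args) {
        Policy policy = loadOrFail();

        // getMaxInputSize already falls back to DEFAULT_MAX_INPUT_SIZE when unset.
        int max = policy.getMaxInputSize();
        if (max > MAX_ALLOWED_INPUT) {
            throw new IllegalStateException("Policy max input size " + max
                    + " exceeds ceiling " + MAX_ALLOWED_INPUT);
        }
        System.out.println("max input size: " + max);

        // Report directives that change what the sanitized output contains.
        String[] names = { Policy.PRESERVE_COMMENTS, Policy.EMBED_STYLESHEETS,
                           Policy.ANCHORS_NOFOLLOW, Policy.VALIDATE_PARAM_AS_EMBED };
        for (String name : names) {
            System.out.println(name + " = " + directiveOr(policy, name, "(unset)"));
        }
    }
}
```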

main

public static void main(java.lang.String[] args)
                 throws java.lang.Exception
Main test unit.

Parameters:
args -
Throws:
java.lang.Exception


Copyright © 2010 The Open Web Application Security Project (OWASP). All Rights Reserved.