org.owasp.validator.html.scan
Class AntiSamyDOMScanner

java.lang.Object
  extended by org.owasp.validator.html.scan.AntiSamyDOMScanner

public class AntiSamyDOMScanner
extends java.lang.Object

This is where the magic lives. All the scanning/filtration logic resides here, but it should not be called directly. All scanning should be done through an AntiSamy.scan() method.

Author:
Arshan Dabirsiaghi

Field Summary
static java.lang.String DEFAULT_ENCODING_ALGORITHM
           
 
Constructor Summary
AntiSamyDOMScanner()
           
AntiSamyDOMScanner(Policy policy)
           
 
Method Summary
 CleanResults getResults()
           
 void initializeErrors()
           
static void main(java.lang.String[] args)
          This method replaces all entity codes with a normalized version of all entity references contained in order to reduce our encoding/parsing attack surface.
 CleanResults scan(java.lang.String html, java.lang.String inputEncoding, java.lang.String outputEncoding)
          This is where the magic lives.
 void setResults(CleanResults results)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_ENCODING_ALGORITHM

public static final java.lang.String DEFAULT_ENCODING_ALGORITHM
See Also:
Constant Field Values

Constructor Detail

AntiSamyDOMScanner

public AntiSamyDOMScanner(Policy policy)

AntiSamyDOMScanner

public AntiSamyDOMScanner()
                   throws PolicyException
Throws:
PolicyException

Method Detail

initializeErrors

public void initializeErrors()

scan

public CleanResults scan(java.lang.String html,
                         java.lang.String inputEncoding,
                         java.lang.String outputEncoding)
                  throws ScanException
This is where the magic lives.

Parameters:
html - A String whose contents we want to scan.
Returns:
A CleanResults object with an XMLDocumentFragment object and its String representation, as well as some scan statistics.
Throws:
ScanException

main

public static void main(java.lang.String[] args)
                 throws PolicyException
This method replaces all entity codes with a normalized version of all entity references contained in order to reduce our encoding/parsing attack surface.

Parameters:
txt - The string to be normalized.
Throws:
PolicyException

getResults

public CleanResults getResults()

setResults

public void setResults(CleanResults results)


Copyright © 2010 The Open Web Application Security Project (OWASP). All Rights Reserved.