Package org.owasp.html
Interface AttributePolicy
-
- All Known Implementing Classes:
FilterUrlByProtocolAttributePolicy
public interface AttributePolicy
A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.- Author:
- Mike Samuel
- See Also:
HtmlPolicyBuilder.AttributeBuilder.matching(AttributePolicy)
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
AttributePolicy.Util
Utilities for working with attribute policies.
-
Field Summary
Fields Modifier and Type Field Description static AttributePolicy
IDENTITY_ATTRIBUTE_POLICY
static AttributePolicy
REJECT_ALL_ATTRIBUTE_POLICY
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.lang.String
apply(java.lang.String elementName, java.lang.String attributeName, java.lang.String value)
-
-
-
Field Detail
-
IDENTITY_ATTRIBUTE_POLICY
static final AttributePolicy IDENTITY_ATTRIBUTE_POLICY
-
REJECT_ALL_ATTRIBUTE_POLICY
static final AttributePolicy REJECT_ALL_ATTRIBUTE_POLICY
-
-
Method Detail
-
apply
@Nullable java.lang.String apply(java.lang.String elementName, java.lang.String attributeName, java.lang.String value)
- Parameters:
elementName
- the lower-case element name.attributeName
- the lower-case attribute name.value
- the attribute value without quotes and with HTML entities decoded.- Returns:
null
to disallow the attribute or the adjusted value if allowed.
-
-