Package io.micronaut.http.util

Class HtmlEntityEncodingHtmlSanitizer

java.lang.Object

io.micronaut.http.util.HtmlEntityEncodingHtmlSanitizer

All Implemented Interfaces:

HtmlSanitizer

@Singleton
@Requires(missingBeans=HtmlSanitizer.class)
public class HtmlEntityEncodingHtmlSanitizer
extends Object
implements HtmlSanitizer

Given an HTML string, it encodes the following characters: & to &, < to <, > to >, " to ", and ' to '.

See Also:

• Cross site Scripting Prevention Cheat Sheet

Constructor Summary

Constructors

Constructor	Description
HtmlEntityEncodingHtmlSanitizer()

Method Summary

Modifier and Type	Method	Description
@NonNull String	sanitize(String html)	Sanitizes a string of HTML.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

HtmlEntityEncodingHtmlSanitizer

public HtmlEntityEncodingHtmlSanitizer()

Method Details

sanitize

public @NonNull String sanitize(@Nullable
 String html)

Description copied from interface: HtmlSanitizer

Sanitizes a string of HTML.

Specified by:

sanitize in interface HtmlSanitizer

Parameters:

html - the String of HTML to Sanitize

Returns:

a sanitized version of the supplied HTML String.