Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo ECM Projects 5.4.3-SNAPSHOT
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.nuxeo.ecm.platform.htmlsanitizer
Class HtmlSanitizerServiceImpl

java.lang.Object
  extended by org.nuxeo.runtime.model.DefaultComponent
      extended by org.nuxeo.ecm.platform.htmlsanitizer.HtmlSanitizerServiceImpl
All Implemented Interfaces:
HtmlSanitizerService, Adaptable, Component, Extensible
public class HtmlSanitizerServiceImpl
extends DefaultComponent
implements HtmlSanitizerService

Service that sanitizes some HMTL fields to remove potential cross-site scripting attacks in them.

Field Summary
 LinkedList<HtmlSanitizerAntiSamyDescriptor> allPolicies
          All policies registered.
 List<HtmlSanitizerDescriptor> allSanitizers
          All sanitizers registered.
static String ANTISAMY_XP
           
 org.owasp.validator.html.Policy policy
          Effective policy.
static String SANITIZER_XP
           
 List<HtmlSanitizerDescriptor> sanitizers
          Effective sanitizers.
 
Constructor Summary
HtmlSanitizerServiceImpl()
           
 
Method Summary
 void registerContribution(Object contribution, String extensionPoint, ComponentInstance contributor)
           
 void sanitizeDocument(DocumentModel doc)
          Sanitizes a document's fields, depending on the service configuration.
 String sanitizeString(String string, String info)
          Sanitizes a string.
 void unregisterContribution(Object contribution, String extensionPoint, ComponentInstance contributor)
           
 
Methods inherited from class org.nuxeo.runtime.model.DefaultComponent
activate, applicationStarted, deactivate, getAdapter, registerExtension, unregisterExtension
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ANTISAMY_XP

public static final String ANTISAMY_XP
See Also:
Constant Field Values

SANITIZER_XP

public static final String SANITIZER_XP
See Also:
Constant Field Values

allPolicies

public LinkedList<HtmlSanitizerAntiSamyDescriptor> allPolicies
All policies registered.

policy

public org.owasp.validator.html.Policy policy
Effective policy.

allSanitizers

public List<HtmlSanitizerDescriptor> allSanitizers
All sanitizers registered.

sanitizers

public List<HtmlSanitizerDescriptor> sanitizers
Effective sanitizers.

Constructor Detail

HtmlSanitizerServiceImpl

public HtmlSanitizerServiceImpl()
Method Detail

registerContribution

public void registerContribution(Object contribution,
                                 String extensionPoint,
                                 ComponentInstance contributor)
Overrides:
registerContribution in class DefaultComponent

unregisterContribution

public void unregisterContribution(Object contribution,
                                   String extensionPoint,
                                   ComponentInstance contributor)
Overrides:
unregisterContribution in class DefaultComponent

sanitizeDocument

public void sanitizeDocument(DocumentModel doc)
                      throws ClientException
Description copied from interface: HtmlSanitizerService
Sanitizes a document's fields, depending on the service configuration.

Specified by:
sanitizeDocument in interface HtmlSanitizerService
Throws:
ClientException

sanitizeString

public String sanitizeString(String string,
                             String info)
Description copied from interface: HtmlSanitizerService
Sanitizes a string.

Specified by:
sanitizeString in interface HtmlSanitizerService
Parameters:
string - the string to sanitize
info - additional info logged when something is sanitized
Returns:
the sanitized string
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Nuxeo ECM Projects 5.4.3-SNAPSHOT
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2011 Nuxeo SAS. All Rights Reserved.