public class Cleaner extends Object
The HTML cleaner parses the input as HTML and then runs it through a white-list, so the output HTML can only contain HTML that is allowed by the whitelist.
It is assumed that the input HTML is a body fragment; the clean methods only pull from the source's body, and the canned white-lists only allow body contained tags.
Rather than interacting directly with a Cleaner object, generally see the clean methods in
|Constructor and Description|
|Cleaner(Whitelist whitelist): Create a new cleaner that sanitizes documents using the supplied whitelist.|

|Modifier and Type|Method and Description|
|Document|clean(Document dirtyDocument): Creates a new, clean document, from the original dirty document, containing only elements allowed by the whitelist.|
|boolean|isValid(Document dirtyDocument): Determines if the input document is valid, against the whitelist.|
public Cleaner(Whitelist whitelist)
whitelist - white-list to clean with
dirtyDocument - Untrusted base document to clean.
public boolean isValid(Document dirtyDocument)
This method can be used as a validator for user input forms. An invalid document will still be cleaned successfully using the clean(Document) method. If using as a validator, it is recommended to still clean the document to ensure enforced attributes are set correctly, and that the output is tidied.
dirtyDocument - document to test
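Example (added here, not part of the jsoup documentation): using isValid(Document) to report on user input while still returning the output of clean(Document), as recommended above. The class name CleanerExample, the sanitize helper and the sample inputs are constructed for illustration; Whitelist.basic() is assumed as the canned white-list.

```java
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.safety.Cleaner;
import org.jsoup.safety.Whitelist;

public class CleanerExample {

    /**
     * Hypothetical helper: validates the input for reporting purposes,
     * but always returns the cleaned body, never the original markup.
     */
    static String sanitize(Cleaner cleaner, String untrustedHtml) {
        // The cleaner only pulls from the body, so parse the input
        // as a body fragment rather than as a full document.
        Document dirty = Jsoup.parseBodyFragment(untrustedHtml);

        // isValid() only reports whether anything would be discarded;
        // it does not modify the dirty document.
        boolean valid = cleaner.isValid(dirty);

        // Clean even when valid: the whitelist may enforce attributes
        // that the submitted markup did not carry.
        Document clean = cleaner.clean(dirty);
        String safeHtml = clean.body().html();

        System.out.println("valid=" + valid);
        System.out.println("  in : " + untrustedHtml);
        System.out.println("  out: " + safeHtml);
        return safeHtml;
    }

    public static void main(String[] args) {
        Cleaner cleaner = new Cleaner(Whitelist.basic());

        // Constructed sample inputs.
        // 1. Only whitelisted tags: passes validation.
        sanitize(cleaner, "<p>Hello <b>world</b></p>");

        // 2. A whitelisted link: compare input and output to see the
        //    attributes the whitelist enforces on the cleaned copy.
        sanitize(cleaner, "<a href=\"http://example.com/\">link</a>");

        // 3. A tag and an attribute outside the whitelist: fails
        //    validation, and both are absent from the cleaned output.
        sanitize(cleaner, "<p onclick=\"x()\">Hi<script>x()</script></p>");
    }
}
```

Store or render only the string returned by sanitize; the isValid result is useful for form feedback or logging, not as the sole gate.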
Copyright © 2009-2016 Jonathan Hedley. All Rights Reserved.