jsoup – Sanitize HTML


jsoup – Sanitize HTML



”;


Following example will showcase prevention of XSS attacks or cross-site scripting attack.

Syntax


String safeHtml =  Jsoup.clean(html, Safelist.basic());  

Where

  • Jsoup − main class to parse the given HTML String.

  • html − Initial HTML String.

  • safeHtml − Cleaned HTML.

  • Safelist − Object to provide default configurations to safeguard html.

  • clean() − cleans the html using Whitelist.

Description

Jsoup object sanitizes an html using Whitelist configurations.

Example

Create the following java program using any editor of your choice in say C:/> jsoup.

JsoupTester.java


import org.jsoup.Jsoup;
import org.jsoup.safety.Safelist;

public class JsoupTester {
   public static void main(String[] args) {
      String html = "<p><a href=''http://example.com/''"
         +" onclick=''checkData()''>Link</a></p>";

      System.out.println("Initial HTML: " + html);
      String safeHtml =  Jsoup.clean(html, Safelist.basic());
      System.out.println("Cleaned HTML: " +safeHtml);
   }
}

Verify the result

Compile the class using javac compiler as follows −


C:jsoup>javac JsoupTester.java

Now run the JsoupTester to see the result.


C:jsoup>java JsoupTester

See the result.


Initial HTML: <p><a href=''http://example.com/'' onclick=''checkData()''>Link</a></p>
Cleaned HTML: <p><a href="http://example.com/" rel="nofollow">Link</a></p>

Advertisements

”;

Leave a Reply

Your email address will not be published. Required fields are marked *