”;
Following example will showcase prevention of XSS attacks or cross-site scripting attack.
Syntax
String safeHtml = Jsoup.clean(html, Safelist.basic());
Where
-
Jsoup − main class to parse the given HTML String.
-
html − Initial HTML String.
-
safeHtml − Cleaned HTML.
-
Safelist − Object to provide default configurations to safeguard html.
-
clean() − cleans the html using Whitelist.
Description
Jsoup object sanitizes an html using Whitelist configurations.
Example
Create the following java program using any editor of your choice in say C:/> jsoup.
JsoupTester.java
import org.jsoup.Jsoup; import org.jsoup.safety.Safelist; public class JsoupTester { public static void main(String[] args) { String html = "<p><a href=''http://example.com/''" +" onclick=''checkData()''>Link</a></p>"; System.out.println("Initial HTML: " + html); String safeHtml = Jsoup.clean(html, Safelist.basic()); System.out.println("Cleaned HTML: " +safeHtml); } }
Verify the result
Compile the class using javac compiler as follows −
C:jsoup>javac JsoupTester.java
Now run the JsoupTester to see the result.
C:jsoup>java JsoupTester
See the result.
Initial HTML: <p><a href=''http://example.com/'' onclick=''checkData()''>Link</a></p> Cleaned HTML: <p><a href="http://example.com/" rel="nofollow">Link</a></p>
Advertisements
”;