Examples of org.owasp.validator.html.Policy

• org.owasp.validator.html.Policy

    final PrintWriter printWriter = new PrintWriter(result);
    ore.printStackTrace(printWriter);
  }

  private String getCleanHTML(String original)  {
    Policy policy = null;
    try {
      String fPath = VFSManager.sanitizePath(this.getClass().getPackage().getName());
      fPath = fPath.replace('.', '/');
      fPath = fPath + "/_resources/" + POLICY_FILE;
      InputStream inStream = this.getClass().getResourceAsStream(fPath);
      policy = Policy.getInstance(inStream);
      if(maxLength > 0) {
        policy.setDirective("maxInputSize", Integer.toString(maxLength));
      }
    } catch (PolicyException e) {
      if (jUnitDebug) System.err.println("Policy file not found/readable/valid!");
      printOriginStackTrace();
      throw new AssertException("Owasp AntiSamy XSS Filter missing a correct policy file.");

  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    StringBuilder html = new StringBuilder("<html><body>");
    try {
      /* Step 1 : Load AntiSamy Policy rules file */
      Policy policy = Policy.getInstance(getClass().getResource("/anti-samy-rules.xml"));

      /* Step 2 : Sanitize input */
      // --Create AS object using policy loaded
      AntiSamy as = new AntiSamy(policy);
      // --Scan input data received

  private final String LIMITED_HTML_POLICY_FILE_LOCATION = "/META-INF/limitedHtmlPolicy.xml";
  private final AntiSamy antiSamy;

  public InputCleanerImpl() {
    Policy policy;
    try {
      ClassPathResource resource = new ClassPathResource(LIMITED_HTML_POLICY_FILE_LOCATION);
      policy = Policy.getInstance(resource.getInputStream());
    } catch (Exception e) {
      throw new InputValidationException("Cannot create required AntiSamy policy object. Hint: make sure a policy file is located at " + LIMITED_HTML_POLICY_FILE_LOCATION, e);