1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 2<!--NewPage--> 3<HTML> 4<HEAD> 5<META http-equiv="Content-Type" content="text/html; charset=UTF-8"> 6<TITLE> 7ElementPolicy (OWASP Java HTML Sanitizer) 8</TITLE> 9 10 11<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../stylesheet.css" TITLE="Style"> 12 13<SCRIPT type="text/javascript"> 14function windowTitle() 15{ 16 if (location.href.indexOf('is-external=true') == -1) { 17 parent.document.title="ElementPolicy (OWASP Java HTML Sanitizer)"; 18 } 19} 20</SCRIPT> 21<NOSCRIPT> 22</NOSCRIPT> 23 24</HEAD> 25 26<BODY BGCOLOR="white" onload="windowTitle();"> 27<HR> 28 29 30<!-- ========= START OF TOP NAVBAR ======= --> 31<A NAME="navbar_top"><!-- --></A> 32<A HREF="#skip-navbar_top" title="Skip navigation links"></A> 33<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> 34<TR> 35<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> 36<A NAME="navbar_top_firstrow"><!-- --></A> 37<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> 38 <TR ALIGN="center" VALIGN="top"> 39 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> 40 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> 41 <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> 42 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/ElementPolicy.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> 43 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> 44 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> 45 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> 46 </TR> 47</TABLE> 48</TD> 49<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> 50<a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM> 51</TD> 52</TR> 53 54<TR> 55<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 56 <A HREF="../../../org/owasp/html/CssSchema.html" title="class in org.owasp.html"><B>PREV CLASS</B></A> 57 <A HREF="../../../org/owasp/html/ElementPolicy.Util.html" title="class in org.owasp.html"><B>NEXT CLASS</B></A></FONT></TD> 58<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 59 <A HREF="../../../index.html?org/owasp/html/ElementPolicy.html" target="_top"><B>FRAMES</B></A> 60 <A HREF="ElementPolicy.html" target="_top"><B>NO FRAMES</B></A> 61 <SCRIPT type="text/javascript"> 62 <!-- 63 if(window==top) { 64 document.writeln('<A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>'); 65 } 66 //--> 67</SCRIPT> 68<NOSCRIPT> 69 <A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A> 70</NOSCRIPT> 71 72 73</FONT></TD> 74</TR> 75<TR> 76<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> 77 SUMMARY: <A HREF="#nested_class_summary">NESTED</A> | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#method_summary">METHOD</A></FONT></TD> 78<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> 79DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | <A HREF="#method_detail">METHOD</A></FONT></TD> 80</TR> 81</TABLE> 82<A NAME="skip-navbar_top"></A> 83<!-- ========= END OF TOP NAVBAR ========= --> 84 85<HR> 86<!-- ======== START OF CLASS DATA ======== --> 87<H2> 88<FONT SIZE="-1"> 89org.owasp.html</FONT> 90<BR> 91Interface ElementPolicy</H2> 92<HR> 93<DL> 94<DT><PRE>public interface <A HREF="../../../src-html/org/owasp/html/ElementPolicy.html#line.47"><B>ElementPolicy</B></A></DL> 95</PRE> 96 97<P> 98A policy that can be applied to an element to decide whether or not to 99 allow it in the output, possibly after transforming attributes. 100 <p> 101 Element policies are applied <strong>after</strong> 102 <A HREF="../../../org/owasp/html/AttributePolicy.html" title="interface in org.owasp.html"><CODE>attribute policies</CODE></A> so 103 they can be used to add extra attributes. 104<P> 105 106<P> 107<DL> 108<DT><B>Author:</B></DT> 109 <DD>Mike Samuel <mikesamuel@gmail.com></DD> 110<DT><B>See Also:</B><DD><A HREF="../../../org/owasp/html/HtmlPolicyBuilder.html#allowElements(org.owasp.html.ElementPolicy, java.lang.String...)"><CODE>HtmlPolicyBuilder.allowElements(ElementPolicy, String...)</CODE></A></DL> 111<HR> 112 113<P> 114<!-- ======== NESTED CLASS SUMMARY ======== --> 115 116<A NAME="nested_class_summary"><!-- --></A> 117<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 118<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 119<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> 120<B>Nested Class Summary</B></FONT></TH> 121</TR> 122<TR BGCOLOR="white" CLASS="TableRowColor"> 123<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 124<CODE>static class</CODE></FONT></TD> 125<TD><CODE><B><A HREF="../../../org/owasp/html/ElementPolicy.Util.html" title="class in org.owasp.html">ElementPolicy.Util</A></B></CODE> 126 127<BR> 128 Utilities for working with element policies.</TD> 129</TR> 130</TABLE> 131 <!-- =========== FIELD SUMMARY =========== --> 132 133<A NAME="field_summary"><!-- --></A> 134<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 135<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 136<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> 137<B>Field Summary</B></FONT></TH> 138</TR> 139<TR BGCOLOR="white" CLASS="TableRowColor"> 140<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 141<CODE>static <A HREF="../../../org/owasp/html/ElementPolicy.html" title="interface in org.owasp.html">ElementPolicy</A></CODE></FONT></TD> 142<TD><CODE><B><A HREF="../../../org/owasp/html/ElementPolicy.html#IDENTITY_ELEMENT_POLICY">IDENTITY_ELEMENT_POLICY</A></B></CODE> 143 144<BR> 145 </TD> 146</TR> 147<TR BGCOLOR="white" CLASS="TableRowColor"> 148<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 149<CODE>static <A HREF="../../../org/owasp/html/ElementPolicy.html" title="interface in org.owasp.html">ElementPolicy</A></CODE></FONT></TD> 150<TD><CODE><B><A HREF="../../../org/owasp/html/ElementPolicy.html#REJECT_ALL_ELEMENT_POLICY">REJECT_ALL_ELEMENT_POLICY</A></B></CODE> 151 152<BR> 153 </TD> 154</TR> 155</TABLE> 156 157<!-- ========== METHOD SUMMARY =========== --> 158 159<A NAME="method_summary"><!-- --></A> 160<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 161<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 162<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2"> 163<B>Method Summary</B></FONT></TH> 164</TR> 165<TR BGCOLOR="white" CLASS="TableRowColor"> 166<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1"> 167<CODE> java.lang.String</CODE></FONT></TD> 168<TD><CODE><B><A HREF="../../../org/owasp/html/ElementPolicy.html#apply(java.lang.String, java.util.List)">apply</A></B>(java.lang.String elementName, 169 java.util.List<java.lang.String> attrs)</CODE> 170 171<BR> 172 </TD> 173</TR> 174</TABLE> 175 176<P> 177 178<!-- ============ FIELD DETAIL =========== --> 179 180<A NAME="field_detail"><!-- --></A> 181<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 182<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 183<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> 184<B>Field Detail</B></FONT></TH> 185</TR> 186</TABLE> 187 188<A NAME="IDENTITY_ELEMENT_POLICY"><!-- --></A><H3> 189IDENTITY_ELEMENT_POLICY</H3> 190<PRE> 191static final <A HREF="../../../org/owasp/html/ElementPolicy.html" title="interface in org.owasp.html">ElementPolicy</A> <A HREF="../../../src-html/org/owasp/html/ElementPolicy.html#line.103"><B>IDENTITY_ELEMENT_POLICY</B></A></PRE> 192<DL> 193<DL> 194</DL> 195</DL> 196<HR> 197 198<A NAME="REJECT_ALL_ELEMENT_POLICY"><!-- --></A><H3> 199REJECT_ALL_ELEMENT_POLICY</H3> 200<PRE> 201static final <A HREF="../../../org/owasp/html/ElementPolicy.html" title="interface in org.owasp.html">ElementPolicy</A> <A HREF="../../../src-html/org/owasp/html/ElementPolicy.html#line.110"><B>REJECT_ALL_ELEMENT_POLICY</B></A></PRE> 202<DL> 203<DL> 204</DL> 205</DL> 206 207<!-- ============ METHOD DETAIL ========== --> 208 209<A NAME="method_detail"><!-- --></A> 210<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY=""> 211<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor"> 212<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2"> 213<B>Method Detail</B></FONT></TH> 214</TR> 215</TABLE> 216 217<A NAME="apply(java.lang.String, java.util.List)"><!-- --></A><H3> 218apply</H3> 219<PRE> 220<FONT SIZE="-1">@Nullable 221</FONT>java.lang.String <A HREF="../../../src-html/org/owasp/html/ElementPolicy.html#line.56"><B>apply</B></A>(java.lang.String elementName, 222 java.util.List<java.lang.String> attrs)</PRE> 223<DL> 224<DD><DL> 225<DT><B>Parameters:</B><DD><CODE>elementName</CODE> - the lower-case element name.<DD><CODE>attrs</CODE> - a list of alternating attribute names and values. 226 The list may be added to or removed from. When removing, be 227 careful to remove both the name and its associated value. 228<DT><B>Returns:</B><DD><code>null</code> to disallow the element, or the adjusted element name.</DL> 229</DD> 230</DL> 231<!-- ========= END OF CLASS DATA ========= --> 232<HR> 233 234 235<!-- ======= START OF BOTTOM NAVBAR ====== --> 236<A NAME="navbar_bottom"><!-- --></A> 237<A HREF="#skip-navbar_bottom" title="Skip navigation links"></A> 238<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY=""> 239<TR> 240<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> 241<A NAME="navbar_bottom_firstrow"><!-- --></A> 242<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY=""> 243 <TR ALIGN="center" VALIGN="top"> 244 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD> 245 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD> 246 <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD> 247 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/ElementPolicy.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD> 248 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD> 249 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD> 250 <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD> 251 </TR> 252</TABLE> 253</TD> 254<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM> 255<a href="http://code.google.com/p/owasp-java-html-sanitizer" target=_top>code.google.com home</a></EM> 256</TD> 257</TR> 258 259<TR> 260<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 261 <A HREF="../../../org/owasp/html/CssSchema.html" title="class in org.owasp.html"><B>PREV CLASS</B></A> 262 <A HREF="../../../org/owasp/html/ElementPolicy.Util.html" title="class in org.owasp.html"><B>NEXT CLASS</B></A></FONT></TD> 263<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2"> 264 <A HREF="../../../index.html?org/owasp/html/ElementPolicy.html" target="_top"><B>FRAMES</B></A> 265 <A HREF="ElementPolicy.html" target="_top"><B>NO FRAMES</B></A> 266 <SCRIPT type="text/javascript"> 267 <!-- 268 if(window==top) { 269 document.writeln('<A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A>'); 270 } 271 //--> 272</SCRIPT> 273<NOSCRIPT> 274 <A HREF="../../../allclasses-noframe.html"><B>All Classes</B></A> 275</NOSCRIPT> 276 277 278</FONT></TD> 279</TR> 280<TR> 281<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> 282 SUMMARY: <A HREF="#nested_class_summary">NESTED</A> | <A HREF="#field_summary">FIELD</A> | CONSTR | <A HREF="#method_summary">METHOD</A></FONT></TD> 283<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2"> 284DETAIL: <A HREF="#field_detail">FIELD</A> | CONSTR | <A HREF="#method_detail">METHOD</A></FONT></TD> 285</TR> 286</TABLE> 287<A NAME="skip-navbar_bottom"></A> 288<!-- ======== END OF BOTTOM NAVBAR ======= --> 289 290<HR> 291 292</BODY> 293</HTML> 294