org.owasp.html.HtmlPolicyBuilder.AttributeBuilder
|
code.google.com home | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
public final class HtmlPolicyBuilder.AttributeBuilder
Builds the relationship between attributes, the values that they may have, and the elements on which they may appear.
| Method Summary | |
|---|---|
HtmlPolicyBuilder |
globally()
Allows the given attributes on any elements but filters the attributes' values based on previous calls to matching(...). |
HtmlPolicyBuilder.AttributeBuilder |
matching(AttributePolicy policy)
Filters and/or transforms the attribute values allowed by later allow* calls. |
HtmlPolicyBuilder.AttributeBuilder |
matching(boolean ignoreCase,
java.util.Set<? extends java.lang.String> allowedValues)
Restrict the values allowed by later allow* calls to those
supplied. |
HtmlPolicyBuilder.AttributeBuilder |
matching(boolean ignoreCase,
java.lang.String... allowedValues)
Restrict the values allowed by later allow* calls to those
supplied. |
HtmlPolicyBuilder.AttributeBuilder |
matching(java.util.regex.Pattern pattern)
Restrict the values allowed by later allow* calls to those
matching the pattern. |
HtmlPolicyBuilder.AttributeBuilder |
matching(com.google.common.base.Predicate<? super java.lang.String> filter)
Restrict the values allowed by later allow* calls to those
matching the given predicate. |
HtmlPolicyBuilder |
onElements(java.lang.String... elementNames)
Allows the named attributes on the given elements but filters the attributes' values based on previous calls to matching(...). |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Method Detail |
|---|
public HtmlPolicyBuilder.AttributeBuilder matching(AttributePolicy policy)
allow* calls.
Multiple calls to matching are combined so that the policies
receive the value in order, each seeing the value after any
transformation by a previous policy.
public HtmlPolicyBuilder.AttributeBuilder matching(java.util.regex.Pattern pattern)
allow* calls to those
matching the pattern.
Multiple calls to matching are combined to restrict to the
intersection of possible matched values.
public HtmlPolicyBuilder.AttributeBuilder matching(com.google.common.base.Predicate<? super java.lang.String> filter)
allow* calls to those
matching the given predicate.
Multiple calls to matching are combined to restrict to the
intersection of possible matched values.
public HtmlPolicyBuilder.AttributeBuilder matching(boolean ignoreCase,
java.lang.String... allowedValues)
allow* calls to those
supplied.
Multiple calls to matching are combined to restrict to the
intersection of possible matched values.
public HtmlPolicyBuilder.AttributeBuilder matching(boolean ignoreCase,
java.util.Set<? extends java.lang.String> allowedValues)
allow* calls to those
supplied.
Multiple calls to matching are combined to restrict to the
intersection of possible matched values.
public HtmlPolicyBuilder globally()
matching(...).
Global attribute policies are applied after element specific policies.
Be careful of using this with attributes like type which
have different meanings on different attributes.
Also be careful of allowing globally attributes like href
which can have more far-reaching effects on tags like
<base> and <link> than on
<a> because in the former, they have an effect without
user interaction and can change the behavior of the current page.
public HtmlPolicyBuilder onElements(java.lang.String... elementNames)
matching(...).
|
code.google.com home | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||