1 package fr.paris.lutece.portal.service.html;
2
3 import org.owasp.html.PolicyFactory;
4 import org.owasp.html.Sanitizers;
5
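/**
 * {@link IXSSSanitizer} implementation backed by the OWASP Java HTML Sanitizer.
 *
 * <p>
 * The policy is the union of the library's prebuilt {@code FORMATTING}, {@code LINKS}, {@code BLOCKS},
 * {@code IMAGES}, {@code STYLES} and {@code TABLES} policies. Markup outside that union is dropped by the
 * library; this class adds no filtering of its own.
 * </p>
 *
 * <p>
 * NOTE(review): {@code IMAGES} and {@code STYLES} widen the accepted markup to remote images and inline
 * {@code style} attributes. If no caller needs them, removing those two policies narrows what user-supplied
 * HTML can do. Confirm against the callers before changing.
 * </p>
 */
public class OwaspXSSSanitizer implements IXSSSanitizer
{
    // Built once at class load so sanitize( ) can never run against an unset policy.
    // The original assigned this static field from the instance method init( ), so a call to
    // sanitize( ) before init( ) failed with a NullPointerException and the write was not safely
    // published to other threads. PolicyFactory is immutable in the OWASP library, so a single shared
    // instance is sufficient.
    private static final PolicyFactory POLICY = Sanitizers.FORMATTING
            .and( Sanitizers.LINKS )
            .and( Sanitizers.BLOCKS )
            .and( Sanitizers.IMAGES )
            .and( Sanitizers.STYLES )
            .and( Sanitizers.TABLES );

    /**
     * Sanitizes an HTML fragment with the shared policy.
     *
     * @param strSource
     *            the untrusted HTML fragment
     * @return the sanitized fragment, with the numeric character references for {@code @} and {@code +}
     *         turned back into the literal characters
     */
    @Override
    public String sanitize( String strSource )
    {
        // The OWASP sanitizer emits '@' as "&#64;" and '+' as "&#43;". The listing showed
        // replace( "@", "@" ) and replace( "+", "+" ), which are no-ops, most likely because the page
        // rendering decoded the entities in the literals. The entity forms are restored here.
        //
        // NOTE(review): this deliberately undoes part of the sanitizer's output encoding. Keep it limited
        // to these two characters; decoding "&lt;", "&amp;" or quotes after sanitization would reintroduce
        // markup. The result should be served with an explicit charset, since '+' is encoded by the
        // library out of charset-sniffing concerns. Confirm the rendering context with the callers.
        String strSanitized = POLICY.sanitize( strSource );

        return strSanitized.replace( "&#64;", "@" ).replace( "&#43;", "+" );
    }

    /**
     * Kept for callers and bean definitions that invoke it. The policy is built at class load, so there
     * is nothing left to initialize.
     */
    public void init( )
    {
        // Intentionally empty, see the POLICY field.
    }
}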