com.atlassian.confluence.content.render.xhtml
Interface XhtmlCleaner

All Known Implementing Classes:
PolicyConfiguredXhtmlCleaner

public interface XhtmlCleaner

Responsible for cleaning supplied XHTML content into a form that is balanced and free of any insecure markup.


Nested Class Summary
static class XhtmlCleaner.AppliedRuleDescription
          A description of a rule that was applied during the cleaning of content.
static class XhtmlCleaner.Result
          The complete results of a clean up operation.
 
Method Summary
 XhtmlCleaner.Result clean(ContentEntityObject uncleanCeo)
          Clean the supplied body content markup and make it safe from security concerns.
 String cleanQuietly(ContentEntityObject uncleanCeo)
          Clean the specified body content markup and make it safe from security concerns with out reporting any clean up performed
 String cleanQuietly(String unclean)
          Clean the specified String.
 String cleanQuietly(String unclean, ConversionContext context)
          Deprecated. since 5.1, use cleanQuietly(String)
 String cleanStyleAttribute(String uncleanStyle)
          Convert the supplied value of an HTML style attribute into a safe form if necessary.
 boolean isCleanUrlAttribute(String urlValue)
          Test that the supplied value of a URL type attribute (such as href) is safe for output.
 

Method Detail

clean

XhtmlCleaner.Result clean(ContentEntityObject uncleanCeo)
Clean the supplied body content markup and make it safe from security concerns.

Parameters:
uncleanCeo - a CEO containing the body content to be processed. The CEO is not modified, but the cleaned body content is returned.
Returns:
a result encapsulating the cleaned version of the supplied body content XHTML as well as a description of rules applied.

cleanQuietly

String cleanQuietly(ContentEntityObject uncleanCeo)
Clean the specified body content markup and make it safe from security concerns with out reporting any clean up performed

Parameters:
uncleanCeo - a CEO containing the body content to be processed. The CEO is not modified, but the cleaned body content is returned.
Returns:
a cleaned up version of the supplied body content

cleanQuietly

@Deprecated
String cleanQuietly(String unclean,
                               ConversionContext context)
Deprecated. since 5.1, use cleanQuietly(String)

Clean the specified String.

Parameters:
unclean - the String to be cleaned
context - The ConversionContext that applies to the provided content.
Returns:
a cleaned version of the supplied String

cleanQuietly

String cleanQuietly(String unclean)
Clean the specified String.

Parameters:
unclean - the String to be cleaned
Returns:
a cleaned version of the supplied String

cleanStyleAttribute

String cleanStyleAttribute(String uncleanStyle)
Convert the supplied value of an HTML style attribute into a safe form if necessary. If the result of the safety checking results in no properties remaining then it is possible that an empty String will be returned.

Parameters:
uncleanStyle - the style attribute value to be cleaned
Returns:
a cleaned version of the supplied style attribute value..

isCleanUrlAttribute

boolean isCleanUrlAttribute(String urlValue)
Test that the supplied value of a URL type attribute (such as href) is safe for output.

Parameters:
urlValue -
Returns:
true if this attribute value can be output, otherwise false.


Copyright © 2003-2013 Atlassian. All Rights Reserved.