If you are using Maven then follow the maven directions to
add a dependency. Otherwise,
download prebuilt jars
or git clone [email protected]:OWASP/java-html-sanitizer.git
and build
the latest source.
Unless maven is managing your CLASSPATH for you, you need to add owasp-java-html-sanitizer.jar
.
Once you have your CLASSPATH set up correctly with the relevant JARs you should be able to add
import org.owasp.html.HtmlPolicyBuilder;
to one of your project's .java
files and compile it.
The examples include source code which defines a sanitization policy, and applies it to HTML.
The javadoc covers more detailed topics, including customization.
Important classes are:
- Sanitizers contains combinable pre-packaged policies.
- HtmlPolicyBuilder lets you easily build custom policies.
For advanced use, see:
- AttributePolicy and ElementPolicy allow complex customization.
- HtmlStreamEventReceiver if you don't just want a
String
as output.
Feel free to post questions at the discussion group and we'll do our best to help.