Interface HTMLElementSanitizer


  • @Role
    @Unstable
    public interface HTMLElementSanitizer
    Provides methods to check if HTML elements and attributes/attribute values are considered safe.

    This also includes SVG and MathML elements and attributes.

    Since:
    14.6RC1
    Version:
    $Id: 038435d19a997b0b67a588e0499d0d44f47b1d7b $
    • Field Detail

      • EXECUTION_CONTEXT_HINT_KEY

        static final String EXECUTION_CONTEXT_HINT_KEY
        The key under which a hint can be stored that will be used by the default implementation.
        See Also:
        Constant Field Values
    • Method Detail

      • isElementAllowed

        boolean isElementAllowed​(String elementName)
        Parameters:
        elementName - the name of the HTML element
        Returns:
        true if the given element is allowed in principle (given appropriate attributes)
      • isAttributeAllowed

        boolean isAttributeAllowed​(String elementName,
                                   String attributeName,
                                   String value)
        Parameters:
        elementName - the element for which the attributes shall be checked
        attributeName - the attributes to check
        value - the value of the attribute
        Returns:
        true if the attribute with this value is considered safe