Package org.commonmark.renderer.html

Class DefaultUrlSanitizer

java.lang.Object
org.commonmark.renderer.html.DefaultUrlSanitizer
All Implemented Interfaces:
UrlSanitizer
public class DefaultUrlSanitizer extends Object implements UrlSanitizer
Allows http, https, mailto, and data protocols for url. Also allows protocol relative urls, and relative urls. Implementation based on https://github.com/OWASP/java-html-sanitizer/blob/f07e44b034a45d94d6fd010279073c38b6933072/src/main/java/org/owasp/html/FilterUrlByProtocolAttributePolicy.java

  • Field Details

  • Constructor Details

    • DefaultUrlSanitizer

      public DefaultUrlSanitizer()

    • DefaultUrlSanitizer

      public DefaultUrlSanitizer(Collection<String> protocols)

  • Method Details

    • sanitizeLinkUrl

      public String sanitizeLinkUrl(String url)
      Description copied from interface: UrlSanitizer
      Sanitize a url for use in the href attribute of a Link.
      Specified by:
      sanitizeLinkUrl in interface UrlSanitizer
      Parameters:
      url - Link to sanitize
      Returns:
      Sanitized link

    • sanitizeImageUrl

      public String sanitizeImageUrl(String url)
      Description copied from interface: UrlSanitizer
      Sanitize a url for use in the src attribute of a Image.
      Specified by:
      sanitizeImageUrl in interface UrlSanitizer
      Parameters:
      url - Link to sanitize
      Returns:
      Sanitized link Image

    • stripHtmlSpaces

      private String stripHtmlSpaces(String s)

    • isHtmlSpace

      private boolean isHtmlSpace(int ch)