coldbox.system.plugins

Class AntiSamy

WEB-INF.cftags.component
        extended by coldbox.system.FrameworkSupertype
            extended by coldbox.system.Plugin
                extended by coldbox.system.plugins.AntiSamy
Class Attributes:
  • singleton
  • output : false

    Plugin that wraps the OWASP AntiSamy project to provide XSS cleanup operations to ColdBox applications.

    Constructor Summary
    init(any controller)
    Method Summary
    Any HTMLSanitizer(string HTMLData, [string policyFile='ebay'], [boolean resultsObject='false'])
         Cleans XSS scripts out of HTML using the AntiSamy project.
    Any clean(string HTMLData, [string policyFile='ebay'], [boolean resultsObject='false'])
         Cleans XSS scripts out of HTML using the AntiSamy project.
     
    Methods inherited from class coldbox.system.Plugin
    getPluginDescription, getPluginName, getPluginVersion, getRequestCollection, getRequestContext, getpluginAuthor, getpluginAuthorURL, getpluginPath, setPluginDescription, setPluginName, setPluginVersion, setpluginAuthor, setpluginAuthorURL
     
    Methods inherited from class coldbox.system.FrameworkSupertype
    $abort, $dump, $htmlhead, $include, $rethrow, $throw, addAsset, announceInterception, getColdboxOCM, getController, getDatasource, getDebugMode, getInterceptor, getMailService, getMailSettings, getMemento, getModel, getModuleSettings, getMyPlugin, getNewMail, getPlugin, getResource, getSetting, getSettingStructure, getSettingsBean, getValidationManager, getfwLocale, includeUDF, loadGlobalUDFLibraries, locateDirectoryPath, locateFilePath, persistVariables, populateModel, relocate, renderExternalView, renderLayout, renderView, runEvent, setDebugMode, setNextEvent, setNextRoute, setSetting, setfwLocale, settingExists, validateModel
     
    Methods inherited from class WEB-INF.cftags.component
    None

    Constructor Detail

    init

    public init(any controller)

    Parameters:
    controller

    Method Detail

    HTMLSanitizer

    public Any HTMLSanitizer(string HTMLData, [string policyFile='ebay'], [boolean resultsObject='false'])

    Cleans XSS scripts out of HTML using the AntiSamy project. The available policies are antisamy, ebay, myspace, slashdot, tinymce, custom.

    Parameters:
    HTMLData - The HTML text to sanitize.
    policyFile - The policy file used to scan the HTML. Available options are: antisamy, ebay, myspace, slashdot, tinymce, custom. Defaults to ebay.
    resultsObject - Whether to return the results object instead of the cleaned HTML. Defaults to false, which returns the cleaned HTML.

    clean

    public Any clean(string HTMLData, [string policyFile='ebay'], [boolean resultsObject='false'])

    Cleans XSS scripts out of HTML using the AntiSamy project. The available policies are antisamy, ebay, myspace, slashdot, tinymce, custom.

    Parameters:
    HTMLData - The HTML text to sanitize.
    policyFile - The policy file used to scan the HTML. Available options are: antisamy, ebay, myspace, slashdot, tinymce, custom. Defaults to ebay.
    resultsObject - Whether to return the results object instead of the cleaned HTML. Defaults to false, which returns the cleaned HTML.
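
    Usage sketch for clean() with an explicit policy and resultsObject=true, added here as an example and not taken from the ColdBox code base. The handler, the comments.save and comments.index events, the rc.body field and the commentService model are hypothetical; the example also assumes the results object is AntiSamy's CleanResults Java object, with getCleanHTML() and getNumberOfErrors().

```cfml
component extends="coldbox.system.EventHandler" {

    // Hypothetical handler action, e.g. event "comments.save"
    function save( event ){
        var rc  = event.getCollection();
        var raw = structKeyExists( rc, "body" ) ? rc.body : "";

        // The plugin is a singleton; getPlugin() is inherited from FrameworkSupertype.
        var antiSamy = getPlugin( "AntiSamy" );

        // Name the policy explicitly instead of relying on the 'ebay' default,
        // and request the results object so removed markup can be counted.
        var results = antiSamy.clean(
            HTMLData      = raw,
            policyFile    = "slashdot",
            resultsObject = true
        );

        // Assumption: results is AntiSamy's CleanResults Java object.
        var cleanHTML  = results.getCleanHTML();
        var errorCount = results.getNumberOfErrors();

        if( errorCount GT 0 ){
            // Record that markup was stripped; do not write the raw input to the log.
            writeLog(
                file = "antisamy",
                type = "warning",
                text = "comments.save: #errorCount# policy violation(s) removed from 'body'"
            );
        }

        // Only the sanitized value moves on to persistence and rendering.
        rc.body = cleanHTML;
        // commentService is a hypothetical model object in this application.
        getModel( "commentService" ).save( rc.body );
        setNextEvent( "comments.index" );
    }

}
```

    Sanitized HTML is meant to be rendered as HTML; values placed in attributes, JavaScript or URLs still need encoding for that context.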