Class Whitelist
- java.lang.Object
-
- org.jsoup.safety.Whitelist
-
public class Whitelist extends java.lang.Object
Whitelists define what HTML (elements and attributes) to allow through the cleaner. Everything else is removed.Start with one of the defaults:
If you need to allow more through (please be careful!), tweak a base whitelist with:
addTags(java.lang.String...)
addAttributes(java.lang.String, java.lang.String...)
addEnforcedAttribute(java.lang.String, java.lang.String, java.lang.String)
addProtocols(java.lang.String, java.lang.String, java.lang.String...)
You can remove any setting from an existing whitelist with:
removeTags(java.lang.String...)
removeAttributes(java.lang.String, java.lang.String...)
removeEnforcedAttribute(java.lang.String, java.lang.String)
removeProtocols(java.lang.String, java.lang.String, java.lang.String...)
The cleaner and these whitelists assume that you want to clean a
body
fragment of HTML (to add user supplied HTML into a templated page), and not to clean a full HTML document. If the latter is the case, either wrap the document HTML around the cleaned body HTML, or create a whitelist that allowshtml
andhead
elements as appropriate.If you are going to extend a whitelist, please be very careful. Make sure you understand what attributes may lead to XSS attack vectors. URL attributes are particularly vulnerable and require careful validation. See http://ha.ckers.org/xss.html for some XSS attack examples.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description (package private) static class
Whitelist.AttributeKey
(package private) static class
Whitelist.AttributeValue
(package private) static class
Whitelist.Protocol
(package private) static class
Whitelist.TagName
(package private) static class
Whitelist.TypedValue
-
Field Summary
Fields Modifier and Type Field Description private java.util.Map<Whitelist.TagName,java.util.Set<Whitelist.AttributeKey>>
attributes
private java.util.Map<Whitelist.TagName,java.util.Map<Whitelist.AttributeKey,Whitelist.AttributeValue>>
enforcedAttributes
private boolean
preserveRelativeLinks
private java.util.Map<Whitelist.TagName,java.util.Map<Whitelist.AttributeKey,java.util.Set<Whitelist.Protocol>>>
protocols
private java.util.Set<Whitelist.TagName>
tagNames
-
Constructor Summary
Constructors Constructor Description Whitelist()
Create a new, empty whitelist.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Whitelist
addAttributes(java.lang.String tag, java.lang.String... attributes)
Add a list of allowed attributes to a tag.Whitelist
addEnforcedAttribute(java.lang.String tag, java.lang.String attribute, java.lang.String value)
Add an enforced attribute to a tag.Whitelist
addProtocols(java.lang.String tag, java.lang.String attribute, java.lang.String... protocols)
Add allowed URL protocols for an element's URL attribute.Whitelist
addTags(java.lang.String... tags)
Add a list of allowed elements to a whitelist.static Whitelist
basic()
This whitelist allows a fuller range of text nodes:a, b, blockquote, br, cite, code, dd, dl, dt, em, i, li, ol, p, pre, q, small, span, strike, strong, sub, sup, u, ul
, and appropriate attributes.static Whitelist
basicWithImages()
This whitelist allows the same text tags asbasic()
, and also allowsimg
tags, with appropriate attributes, withsrc
pointing tohttp
orhttps
.(package private) Attributes
getEnforcedAttributes(java.lang.String tagName)
protected boolean
isSafeAttribute(java.lang.String tagName, Element el, Attribute attr)
Test if the supplied attribute is allowed by this whitelist for this tagprotected boolean
isSafeTag(java.lang.String tag)
Test if the supplied tag is allowed by this whitelistprivate boolean
isValidAnchor(java.lang.String value)
static Whitelist
none()
This whitelist allows only text nodes: all HTML will be stripped.Whitelist
preserveRelativeLinks(boolean preserve)
Configure this Whitelist to preserve relative links in an element's URL attribute, or convert them to absolute links.static Whitelist
relaxed()
This whitelist allows a full range of text and structural body HTML:a, b, blockquote, br, caption, cite, code, col, colgroup, dd, div, dl, dt, em, h1, h2, h3, h4, h5, h6, i, img, li, ol, p, pre, q, small, span, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, u, ul
Whitelist
removeAttributes(java.lang.String tag, java.lang.String... attributes)
Remove a list of allowed attributes from a tag.Whitelist
removeEnforcedAttribute(java.lang.String tag, java.lang.String attribute)
Remove a previously configured enforced attribute from a tag.Whitelist
removeProtocols(java.lang.String tag, java.lang.String attribute, java.lang.String... removeProtocols)
Remove allowed URL protocols for an element's URL attribute.Whitelist
removeTags(java.lang.String... tags)
Remove a list of allowed elements from a whitelist.static Whitelist
simpleText()
This whitelist allows only simple text formatting:b, em, i, strong, u
.private boolean
testValidProtocol(Element el, Attribute attr, java.util.Set<Whitelist.Protocol> protocols)
-
-
-
Field Detail
-
tagNames
private java.util.Set<Whitelist.TagName> tagNames
-
attributes
private java.util.Map<Whitelist.TagName,java.util.Set<Whitelist.AttributeKey>> attributes
-
enforcedAttributes
private java.util.Map<Whitelist.TagName,java.util.Map<Whitelist.AttributeKey,Whitelist.AttributeValue>> enforcedAttributes
-
protocols
private java.util.Map<Whitelist.TagName,java.util.Map<Whitelist.AttributeKey,java.util.Set<Whitelist.Protocol>>> protocols
-
preserveRelativeLinks
private boolean preserveRelativeLinks
-
-
Constructor Detail
-
Whitelist
public Whitelist()
Create a new, empty whitelist. Generally it will be better to start with a default prepared whitelist instead.- See Also:
basic()
,basicWithImages()
,simpleText()
,relaxed()
-
-
Method Detail
-
none
public static Whitelist none()
This whitelist allows only text nodes: all HTML will be stripped.- Returns:
- whitelist
-
simpleText
public static Whitelist simpleText()
This whitelist allows only simple text formatting:b, em, i, strong, u
. All other HTML (tags and attributes) will be removed.- Returns:
- whitelist
-
basic
public static Whitelist basic()
This whitelist allows a fuller range of text nodes:
a, b, blockquote, br, cite, code, dd, dl, dt, em, i, li, ol, p, pre, q, small, span, strike, strong, sub, sup, u, ul
, and appropriate attributes.Links (
a
elements) can point tohttp, https, ftp, mailto
, and have an enforcedrel=nofollow
attribute.Does not allow images.
- Returns:
- whitelist
-
basicWithImages
public static Whitelist basicWithImages()
This whitelist allows the same text tags asbasic()
, and also allowsimg
tags, with appropriate attributes, withsrc
pointing tohttp
orhttps
.- Returns:
- whitelist
-
relaxed
public static Whitelist relaxed()
This whitelist allows a full range of text and structural body HTML:a, b, blockquote, br, caption, cite, code, col, colgroup, dd, div, dl, dt, em, h1, h2, h3, h4, h5, h6, i, img, li, ol, p, pre, q, small, span, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, u, ul
Links do not have an enforced
rel=nofollow
attribute, but you can add that if desired.- Returns:
- whitelist
-
addTags
public Whitelist addTags(java.lang.String... tags)
Add a list of allowed elements to a whitelist. (If a tag is not allowed, it will be removed from the HTML.)- Parameters:
tags
- tag names to allow- Returns:
- this (for chaining)
-
removeTags
public Whitelist removeTags(java.lang.String... tags)
Remove a list of allowed elements from a whitelist. (If a tag is not allowed, it will be removed from the HTML.)- Parameters:
tags
- tag names to disallow- Returns:
- this (for chaining)
-
addAttributes
public Whitelist addAttributes(java.lang.String tag, java.lang.String... attributes)
Add a list of allowed attributes to a tag. (If an attribute is not allowed on an element, it will be removed.)E.g.:
addAttributes("a", "href", "class")
allowshref
andclass
attributes ona
tags.To make an attribute valid for all tags, use the pseudo tag
:all
, e.g.addAttributes(":all", "class")
.- Parameters:
tag
- The tag the attributes are for. The tag will be added to the allowed tag list if necessary.attributes
- List of valid attributes for the tag- Returns:
- this (for chaining)
-
removeAttributes
public Whitelist removeAttributes(java.lang.String tag, java.lang.String... attributes)
Remove a list of allowed attributes from a tag. (If an attribute is not allowed on an element, it will be removed.)E.g.:
removeAttributes("a", "href", "class")
disallowshref
andclass
attributes ona
tags.To make an attribute invalid for all tags, use the pseudo tag
:all
, e.g.removeAttributes(":all", "class")
.- Parameters:
tag
- The tag the attributes are for.attributes
- List of invalid attributes for the tag- Returns:
- this (for chaining)
-
addEnforcedAttribute
public Whitelist addEnforcedAttribute(java.lang.String tag, java.lang.String attribute, java.lang.String value)
Add an enforced attribute to a tag. An enforced attribute will always be added to the element. If the element already has the attribute set, it will be overridden with this value.E.g.:
addEnforcedAttribute("a", "rel", "nofollow")
will make alla
tags output as<a href="..." rel="nofollow">
- Parameters:
tag
- The tag the enforced attribute is for. The tag will be added to the allowed tag list if necessary.attribute
- The attribute namevalue
- The enforced attribute value- Returns:
- this (for chaining)
-
removeEnforcedAttribute
public Whitelist removeEnforcedAttribute(java.lang.String tag, java.lang.String attribute)
Remove a previously configured enforced attribute from a tag.- Parameters:
tag
- The tag the enforced attribute is for.attribute
- The attribute name- Returns:
- this (for chaining)
-
preserveRelativeLinks
public Whitelist preserveRelativeLinks(boolean preserve)
Configure this Whitelist to preserve relative links in an element's URL attribute, or convert them to absolute links. By default, this is false: URLs will be made absolute (e.g. start with an allowed protocol, like e.g.http://
.Note that when handling relative links, the input document must have an appropriate
base URI
set when parsing, so that the link's protocol can be confirmed. Regardless of the setting of thepreserve relative links
option, the link must be resolvable against the base URI to an allowed protocol; otherwise the attribute will be removed.- Parameters:
preserve
-true
to allow relative links,false
(default) to deny- Returns:
- this Whitelist, for chaining.
- See Also:
addProtocols(java.lang.String, java.lang.String, java.lang.String...)
-
addProtocols
public Whitelist addProtocols(java.lang.String tag, java.lang.String attribute, java.lang.String... protocols)
Add allowed URL protocols for an element's URL attribute. This restricts the possible values of the attribute to URLs with the defined protocol.E.g.:
addProtocols("a", "href", "ftp", "http", "https")
To allow a link to an in-page URL anchor (i.e.
<a href="#anchor">
, add a#
:
E.g.:addProtocols("a", "href", "#")
- Parameters:
tag
- Tag the URL protocol is forattribute
- Attribute nameprotocols
- List of valid protocols- Returns:
- this, for chaining
-
removeProtocols
public Whitelist removeProtocols(java.lang.String tag, java.lang.String attribute, java.lang.String... removeProtocols)
Remove allowed URL protocols for an element's URL attribute. If you remove all protocols for an attribute, that attribute will allow any protocol.E.g.:
removeProtocols("a", "href", "ftp")
- Parameters:
tag
- Tag the URL protocol is forattribute
- Attribute nameremoveProtocols
- List of invalid protocols- Returns:
- this, for chaining
-
isSafeTag
protected boolean isSafeTag(java.lang.String tag)
Test if the supplied tag is allowed by this whitelist- Parameters:
tag
- test tag- Returns:
- true if allowed
-
isSafeAttribute
protected boolean isSafeAttribute(java.lang.String tagName, Element el, Attribute attr)
Test if the supplied attribute is allowed by this whitelist for this tag- Parameters:
tagName
- tag to consider allowing the attribute inel
- element under test, to confirm protocolattr
- attribute under test- Returns:
- true if allowed
-
testValidProtocol
private boolean testValidProtocol(Element el, Attribute attr, java.util.Set<Whitelist.Protocol> protocols)
-
isValidAnchor
private boolean isValidAnchor(java.lang.String value)
-
getEnforcedAttributes
Attributes getEnforcedAttributes(java.lang.String tagName)
-
-