Interface Sanitizer
public interface Sanitizer
Provides an interface and constants for sanitizer component implementations.
Commonly, sanitizers are implemented for stripping offensive vocabulary from
content or for removing malicious HTML content, such as cross-site scripting
(CSS). Multiple implementations can be deployed in a hook plugin and
specified in a comma separated list of values for the
sanitizer.impl
portal property (see Sanitizer).
All installed sanitizers are chained.- Author:
- Zsolt Balogh, Brian Wing Shun Chan
-
Field Summary
Fields -
Method Summary
-
Field Details
-
MODE_ALL
- See Also:
-
MODE_BAD_WORDS
- See Also:
-
MODE_XSS
- See Also:
-
-
Method Details
-
sanitize
String sanitize(long companyId, long groupId, long userId, String className, long classPK, String contentType, String[] modes, String content, Map<String, Object> options) throws SanitizerExceptionReturns the sanitized content as a string.- Parameters:
companyId
- the primary key of the portal instancegroupId
- the primary key of the site's groupuserId
- the user who changed the contentclassName
- the class name of the content model implementationclassPK
- the primary key of the content to sanitize,0
if not availablecontentType
- the content type. For more information, seeContentTypes
.modes
- ways in which to run the sanitizer, such asMODE_ALL
,MODE_BAD_WORDS
, and/orMODE_XSS
content
- the content to sanitizeoptions
- the options map- Returns:
- the sanitized content
- Throws:
SanitizerException
- if a sanitizer exception occurred
-