Package com.atlassian.confluence.content.render.xhtml

Interface StorageFormatCleaner

All Known Implementing Classes:

PolicyConfiguredCleaner

public interface StorageFormatCleaner

Responsible for cleaning supplied XML content into a form that is balanced and free of any insecure markup.

Since:

5.1.4

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static class	StorageFormatCleaner.AppliedRuleDescription	A description of a rule that was applied during the cleaning of content.
static class	StorageFormatCleaner.Result	The complete results of a clean up operation.

Method Summary

Modifier and Type	Method	Description
StorageFormatCleaner.Result	cleanEntity(ContentEntityObject uncleanCeo)	Clean the supplied body content markup and make it safe from security concerns.
String	cleanQuietly(ContentEntityObject uncleanCeo)	Clean the specified body content markup and make it safe from security concerns with out reporting any clean up performed
String	cleanQuietly(String unclean)	Clean the specified String.
String	cleanStyleAttribute(String uncleanStyle)	Convert the supplied value of an HTML style attribute into a safe form if necessary.
boolean	isCleanUrlAttribute(String urlValue)	Test that the supplied value of a URL type attribute (such as href) is safe for output.

Method Details

cleanEntity

StorageFormatCleaner.Result cleanEntity(ContentEntityObject uncleanCeo)

Clean the supplied body content markup and make it safe from security concerns.

Parameters:

uncleanCeo - a CEO containing the body content to be processed. The CEO is not modified, but the cleaned body content is returned.

Returns:

a result encapsulating the cleaned version of the supplied body content XHTML as well as a description of rules applied.

cleanQuietly

String cleanQuietly(ContentEntityObject uncleanCeo)

Clean the specified body content markup and make it safe from security concerns with out reporting any clean up performed

Parameters:

uncleanCeo - a CEO containing the body content to be processed. The CEO is not modified, but the cleaned body content is returned.

Returns:

a cleaned up version of the supplied body content

cleanQuietly

String cleanQuietly(String unclean)

Clean the specified String.

Parameters:

unclean - the String to be cleaned

Returns:

a cleaned version of the supplied String

cleanStyleAttribute

String cleanStyleAttribute(String uncleanStyle)

Convert the supplied value of an HTML style attribute into a safe form if necessary. If the result of the safety checking results in no properties remaining then it is possible that an empty String will be returned.

Parameters:

uncleanStyle - the style attribute value to be cleaned

Returns:

a cleaned version of the supplied style attribute value..

isCleanUrlAttribute

boolean isCleanUrlAttribute(String urlValue)

Test that the supplied value of a URL type attribute (such as href) is safe for output.

Parameters:

urlValue -

Returns:

true if this attribute value can be output, otherwise false.