Is there something similar to strip_tags in Java?

We have a strip_tags function in PHP that would strip_tags all tags, and you can also free certain tags from being deleted.

My question is: is there something similar in Java ??

+4

Shan Jul 28 '11 at 7:39

3 answers

You can try using the JSoup library. This API provides a clean method:

For an example, look here: Sanitize untrusted HTML :

 String unsafe = "<p><a href='http://example.com/' onclick='stealCookies()'>Link</a></p>"; String safe = Jsoup.clean(unsafe, Whitelist.basic()); // now: <p><a href="http://example.com/" rel="nofollow">Link</a></p>

+8

aioobe Jul 28 '11 at 7:44

Use may try JSoup. It is open source and available for download .

http://jsoup.org/apidocs/org/jsoup/Jsoup.html

+1

JK. Jul 28 '11 at 7:43

The OWASP Anit-Samy project does this (and much more) https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

For easier verification, use the ESAPI Validator http://owasp-esapi-java.googlecode.com/svn/trunk_doc/latest/org/owasp/esapi/Validator.html

+1

chrisichris Jul 28 '11 at 7:45

All Articles