From e4eff4f8e995ad13c1f33b477443b544e8afa97b Mon Sep 17 00:00:00 2001
From: Mike Samuel
Date: Sat, 20 Apr 2019 15:17:39 -0400
Subject: [PATCH] documented
---
 src/main/java/org/owasp/html/HtmlChangeListener.java | 9 +++++++++
 src/main/java/org/owasp/html/HtmlChangeReporter.java | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/main/java/org/owasp/html/HtmlChangeListener.java b/src/main/java/org/owasp/html/HtmlChangeListener.java
index 67a7fe11..1ac1ee35 100644
--- a/src/main/java/org/owasp/html/HtmlChangeListener.java
+++ b/src/main/java/org/owasp/html/HtmlChangeListener.java
@@ -34,6 +34,15 @@
  * Receives events when an HTML tag, or attribute is discarded.
  * This can be hooked into an intrusion detection system to alert code when
  * suspicious HTML passes through the sanitizer.
+ *

+ * Note: If a string sanitizes with no change notifications, it is not the case
+ * that the input string is necessarily safe to use.
+ * Only use the output of the sanitizer.
+ * The sanitizer ensures that the output is in a sub-set of HTML that commonly
+ * used HTML parsers will agree on the meaning of, but the absence of
+ * notifications does not mean that the input is in such a sub-set,
+ * only that it does not contain structural features that were removed.
+ *

  */
 public interface HtmlChangeListener {
diff --git a/src/main/java/org/owasp/html/HtmlChangeReporter.java b/src/main/java/org/owasp/html/HtmlChangeReporter.java
index e32f912c..74ce94b7 100644
--- a/src/main/java/org/owasp/html/HtmlChangeReporter.java
+++ b/src/main/java/org/owasp/html/HtmlChangeReporter.java
@@ -35,7 +35,7 @@ import javax.annotation.Nullable;
 /**
- * Sits between the HTML parser, and then policy, and the renderer so that it
+ * Sits between the HTML parser, the policy, and the renderer so that it
  * can report dropped elements and attributes to an {@link HtmlChangeListener}.
  *
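Review bot: The added note in the HtmlChangeListener Javadoc says what an absence of notifications does not prove, but it leaves out the complementary fact an IDS integrator needs: per the first sentence of this same Javadoc, events are raised only when a tag or attribute is discarded, so input the policy keeps in rewritten or normalized form (as far as this interface shows) produces no event either, and must not be read as "unchanged". I would add one sentence after the note, e.g. `Notifications are raised only for discarded tags and attributes; content the policy keeps in rewritten or normalized form produces no event.` The names handed to a listener presumably come straight from the untrusted input, so a line such as `Listeners should treat the reported element and attribute names as untrusted data when logging or alerting.` would keep the "intrusion detection" use case from becoming a log-injection path. Minor wording in the new lines: `sub-set` should be `subset`, and `it is not the case that the input string is necessarily safe to use` reads more plainly as `it does not follow that the input string is safe to use`.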