Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Table of Contents
The OWASP Java Encoder provides:
- Output Encoding functions to help stop XSS
- Java 1.5+ standalone library
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
The OWASP Java Encoder library is intended for quick contextual encoding with very little overhead, either in performance or usage. To get started, simply add the encoder-1.2.jar, import org.owasp.encoder.Encode and start encoding.
Please look at the javadoc for Encode to see the variety of contexts for which you can encode. Tag libraries and JSP EL functions can be found in the encoder-jsp-1.2.jar.
The OWASP Java Encoder is free to use under the New BSD License.
- (Feb 2017) 1.2.1 Released
- (Apr 2015) 1.2 Released
- (Apr 2015) Moved to GitHub
- (Feb 2015) Removed ThreadLocal use from trunk
- (20 Mar 2014) Doc additions
- (5 Feb 2014) New Wiki
- (4 Feb 2014) 1.1.1 Released