Open Sourced HTML filtering utility for Java. Used to parse user-submitted input and sanitize it against potential cross site scripting attacks, malicious html, or simply badly formed html.
Java HTML
Latest commit 4ceb1bd May 27, 2015 @bulvestad bulvestad Merge pull request #1 from finn-no/add_https_as_valid_protocol
Add https as valid protocol
Permalink
Failed to load latest commit information.
src
LICENSE.txt
README
pom.xml

README

Open Sourced HTML filtering utility for Java

    Front page: http://finn-no.github.com/xss-html-filter

This utility is a single class, HTMLFilter, which can be used to parse user-submitted input and sanitize it against potential cross site scripting attacks, malicious html, or simply badly formed html. This version, written in Java, is largely a translation of
lib_filter ( http://code.iamcal.com/php/lib_filter/ ), the original work of Cal Henderson ( http://www.iamcal.com/ ) written in PHP.


Processing HTML Input

Sample usage:

    // retrieve input from user...
    String input = ...
    String clean = new HTMLInputFilter().filter( input );

There's also an example using constretto: https://github.com/finn-no/xss-html-filter/wiki/Using-Constretto


Building with maven

To include xss-html-filter into a maven built project add the following to your pom.xml (in the corresponding sections)

 <dependency>
   <groupId>net.sf.xss-html-filter</groupId>
   <artifactId>xss-html-filter</artifactId>
   <version>1.5</version> <!-- remember to check for newer versions -->
 </dependency>

 <repository>
   <id>xss-html-filter releases</id>
   <name>xss-html-filter Releases Repository</name>
   <url>http://xss-html-filter.sf.net/releases/</url>
 </repository>