grails-xss-sanitizer


Grails 3 plugin for sanitizing XSS from user input. This is a port of the Grails 2.x version by @tonyzampogna (Tony Zampogna): https://github.com/tonyzampogna/XssSanitizer

This plugin uses the OWASP ESAPI library to sanitize request parameters, which reduces the risk of dangerous XSS request parameters being rendered on the client.

Installation

Add the following dependency to build.gradle:

dependencies {
...
    compile 'org.grails.plugins:grails-xss-sanitizer:1.1.+'
...
}

Description

This plugin adds the ability to automatically strip / clean out unwanted XSS code in the browser. The plugin strips code that comes in via the request object. Also, any servlets will use an extended HttpServletRequest, so that request parameters used from that servlet are stripped as well.

Adding this plugin to your project with the installation instructions above and adding the following configuration will activate it:

    xssSanitizer:
        enabled: true

There is also an XssSanitizerUtil class that can be used to strip XSS out of individual strings.
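
The "extended HttpServletRequest" approach described above can be sketched as follows. This is an added example, not the plugin's own source: the class name `SanitizingRequestWrapper`, the `sanitize` helper and its single script-tag pattern are hypothetical, and it assumes the servlet API and a configured OWASP ESAPI (an `ESAPI.properties` on the classpath).

```groovy
import java.util.regex.Pattern
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletRequestWrapper
import org.owasp.esapi.ESAPI

// Hypothetical wrapper: every parameter accessor returns a sanitized copy,
// so controllers and servlets never see the raw value.
class SanitizingRequestWrapper extends HttpServletRequestWrapper {

    // Simplified, assumed pattern: removes whole <script>...</script> blocks.
    static final Pattern SCRIPT_BLOCK = Pattern.compile(
        '<script\\b[^>]*>.*?</script\\s*>',
        Pattern.CASE_INSENSITIVE | Pattern.DOTALL)

    SanitizingRequestWrapper(HttpServletRequest request) {
        super(request)
    }

    @Override
    String getParameter(String name) {
        sanitize(super.getParameter(name))
    }

    @Override
    String[] getParameterValues(String name) {
        String[] raw = super.getParameterValues(name)
        raw == null ? null : (raw.collect { sanitize(it) } as String[])
    }

    @Override
    Map<String, String[]> getParameterMap() {
        // Read the raw map first; the closure below only sees the local copy.
        Map<String, String[]> raw = super.getParameterMap()
        Map<String, String[]> clean = [:]
        raw.each { String key, String[] values ->
            clean[key] = values.collect { sanitize(it) } as String[]
        }
        Collections.unmodifiableMap(clean)
    }

    static String sanitize(String value) {
        if (value == null) return null
        // Canonicalize first so encoded forms (%3Cscript%3E, &lt;script&gt;)
        // are reduced to plain text before the pattern is applied.
        String canonical = ESAPI.encoder().canonicalize(value)
        canonical = canonical.replace('\u0000', '')   // drop NUL characters
        SCRIPT_BLOCK.matcher(canonical).replaceAll('')
    }
}
```

All three accessors have to be overridden together; a wrapper that sanitizes only `getParameter` still hands raw values to code that reads `getParameterMap`. Values that reach a page should still be output-encoded for their context when rendered.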

Sponsors

YourKit supports open source projects with its full-featured Java Profiler. YourKit, LLC is the creator of YourKit Java Profiler and YourKit .NET Profiler, innovative and intelligent tools for profiling Java and .NET applications.
