I'm not 100% sure, but shouldn't something close to this work? PolicyFactory policy = new HtmlPolicyBuilder() .allowElements("a") .allowUrlProtocols("https") .allowAttributes("href").onElements("a") .allowAttributes("target").onElements("a") .requireRelNofollowOnLinks() .build(); String safeHTML = policy.sanitize(untrustedHTML); Aloha, Jim
Hello! Can anyone cay how can I make htmlsatizer to add attribute target="_blank" to links. I want that every link the user added has this attribute with such value.
--
Александр Свиридов --
You received this message because you are subscribed to the Google Groups "OWASP Java HTML Sanitizer Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to owasp-java-html-saniti...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
return new org.owasp.html.HtmlPolicyBuilder()
.allowElements( new ElementPolicy() {
public String apply(final String elementName, final List<String> attrs) {
attrs.add("target"); attrs.add("_blank");
return null; } }, "a")
.allowUrlProtocols("https") .allowAttributes( "href" ).onElements( "a" )
.requireRelNofollowOnLinks() .toFactory();
> For more options, visit https://groups.google.com/d/optout.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "OWASP Java HTML Sanitizer Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an