Is there a declarative way to define a Policy that does not require recompiling after a policy change?

Yaw Anku

unread,

Apr 30, 2014, 2:13:14 AM4/30/14

to owasp-java-html-...@googlegroups.com

Mike Samuel

unread,

Apr 30, 2014, 2:26:16 PM4/30/14

to owasp-java-html-...@googlegroups.com

You don't need to define any new classes to define a policy, so it
should be possible to use Rhino/JSR 223/Nashorn to create a policy by
driving the HtmlPolicyBuilder from JavaScript.

2014-04-30 2:13 GMT-04:00 Yaw Anku <chief...@gmail.com>:
>
> --
> You received this message because you are subscribed to the Google Groups
> "OWASP Java HTML Sanitizer Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to owasp-java-html-saniti...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

Johannes Lichtenberger

unread,

Jun 12, 2014, 5:19:47 AM6/12/14

to owasp-java-html-...@googlegroups.com, mikes...@gmail.com

Or probably via a configuration file!?

Am Mittwoch, 30. April 2014 20:26:16 UTC+2 schrieb Mike Samuel:

You don't need to define any new classes to define a policy, so it
should be possible to use Rhino/JSR 223/Nashorn to create a policy by
driving the HtmlPolicyBuilder from JavaScript.

2014-04-30 2:13 GMT-04:00 Yaw Anku <chief...@gmail.com>:
>
> --
> You received this message because you are subscribed to the Google Groups
> "OWASP Java HTML Sanitizer Support" group.
> To unsubscribe from this group and stop receiving emails from it, send an

> email to owasp-java-html-sanitizer-support+unsubscribe@googlegroups.com.

Reply all

Reply to author

Forward