Package org.owasp.validator.html.model
Class Tag
- java.lang.Object
-
- org.owasp.validator.html.model.Tag
-
public class Tag extends java.lang.Object
A model for HTML "tags" and the rules dictating their validation/filtration. Also contains information about their allowed attributes. There is also some experimental (unused) code in here for generating a valid regular expression according to a policy file on a per-tag basis.- Author:
- Arshan Dabirsiaghi
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getAction()
Attribute
getAttributeByName(java.lang.String name)
Returns anAttribute
associated with a lookup name.java.lang.String
getName()
java.lang.String
getRegularExpression()
Returns a regular expression for validating individual tags.boolean
isAction(java.lang.String action)
Indicates if the action for this tag matches the supplied actionTag
mutateAction(java.lang.String action)
-
-
-
Constructor Detail
-
Tag
public Tag(java.lang.String name, java.util.Map<java.lang.String,Attribute> tagAttributes, java.lang.String action)
-
-
Method Detail
-
getAction
public java.lang.String getAction()
- Returns:
- The action for this tag which is one of
filter
,validate
orremove
.
-
isAction
public boolean isAction(java.lang.String action)
Indicates if the action for this tag matches the supplied action- Parameters:
action
- The action to match against- Returns:
- True if it matches
-
mutateAction
public Tag mutateAction(java.lang.String action)
-
getRegularExpression
public java.lang.String getRegularExpression()
Returns a regular expression for validating individual tags. Not used by the AntiSamy scanner, but you might find some use for this.- Returns:
- A regular expression for the tag, i.e., "^$", or "
"
-
getName
public java.lang.String getName()
- Returns:
- The String name of the tag.
-
getAttributeByName
public Attribute getAttributeByName(java.lang.String name)
Returns anAttribute
associated with a lookup name.- Parameters:
name
- The name of the allowed attribute by name.- Returns:
- The
Attribute
object associated with the name, or
-
-