Class SanitizingConverter
java.lang.Object
org.primefaces.extensions.converter.SanitizingConverter
- All Implemented Interfaces:
Serializable,javax.faces.convert.Converter<Object>
public class SanitizingConverter
extends Object
implements javax.faces.convert.Converter<Object>, Serializable
Converter which sanitizes any input using an OWASP Java HTML Sanitizer PolicyFactory. Useful for cleansing input if going to be displayed in
outputText with escape="false".- Since:
- 10.0.5
- See Also:
-
Field Summary
Fields inherited from interface javax.faces.convert.Converter
DATETIMECONVERTER_DEFAULT_TIMEZONE_IS_SYSTEM_TIMEZONE_PARAM_NAME -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptiongetAsObject(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, String value) getAsString(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, Object o) org.owasp.html.PolicyFactorybooleanMethod to facilitate "mis-using" this class to sanitize data coming over the networkvoidsetDecodeHtml(boolean decodeHtml) voidsetPolicy(org.owasp.html.PolicyFactory policy)
-
Constructor Details
-
SanitizingConverter
public SanitizingConverter()
-
-
Method Details
-
sanitize
Method to facilitate "mis-using" this class to sanitize data coming over the network- Parameters:
value- the value to sanitize- Returns:
- sanitized string
-
getAsObject
public Object getAsObject(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, String value) - Specified by:
getAsObjectin interfacejavax.faces.convert.Converter<Object>
-
getAsString
public String getAsString(javax.faces.context.FacesContext fc, javax.faces.component.UIComponent uic, Object o) - Specified by:
getAsStringin interfacejavax.faces.convert.Converter<Object>
-
getPolicy
public org.owasp.html.PolicyFactory getPolicy() -
setPolicy
public void setPolicy(org.owasp.html.PolicyFactory policy) -
isDecodeHtml
public boolean isDecodeHtml() -
setDecodeHtml
public void setDecodeHtml(boolean decodeHtml)
-