Commit 1d32e77c authored by Matija Obreza's avatar Matija Obreza

Relaxed HTML policy

parent 86722552
......@@ -46,13 +46,17 @@ public class OWASPSanitizer implements HtmlSanitizer {
.allowAttributes("lang")
.matching(Pattern.compile("[a-zA-Z]{2,20}"))
.globally()
// Allow class= with an alphabetic value on div and span elements.
.allowAttributes("class")
.matching(Pattern.compile("[a-zA-Z\\- ]{2,50}"))
.onElements("div", "span")
// Align
.allowAttributes("align")
.matching(true, "center", "left", "right", "justify", "char")
.onElements("p", "table")
// Elements
.allowElements("table", "thead", "tbody", "tr", "td", "th", "tfoot", "a", "p", "div", "i", "b", "em", "blockquote", "tt", "strong", "br", "ul",
"ol", "li", "h2", "h3", "h4", "small")
"ol", "li", "h1", "h2", "h3", "h4", "small", "pre", "code")
// Get factory
.toFactory();
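Review bot: The `class` rule on `div` and `span` accepts any value matching `[a-zA-Z\\- ]{2,50}`, so sanitized user HTML can carry any class name that the application's own stylesheets and scripts define. Submitted content could then take on the site's layout or widget styling, and any behaviour bound by class selector, which the sanitizer is presumably meant to keep out of untrusted markup. Restricting it to the classes the editor actually emits would bound this, e.g. `.matching(false, "<allowed-class-1>", "<allowed-class-2>")` (placeholder values), or an `AttributePolicy` that checks each space-separated token against that list. The comment also says "alphabetic value" although the pattern admits hyphens and spaces; suggest `// Allow class= with letters, hyphens and spaces on div and span elements.` The policy builder chain begins outside this hunk, so how the `a` element's attributes are constrained cannot be judged from here.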
......