Interface ContentSecurityPolicyHTMLRewriter
public interface ContentSecurityPolicyHTMLRewriter
- Author:
- Iván Zaera Avellón
-
Method Summary
Modifier and TypeMethodDescriptionrewriteInlineAttributes
(String html, javax.servlet.http.HttpServletRequest httpServletRequest, boolean recursive) Transform a fragment of HTML extracting all inline event handlers (e.g.: onclick, onfocus, etc.) to a <script> node and inline styles (e.g.: style="color: red;...") to a <style> node so that restrictive content security policies likescript-src-attr 'none';
do not prevent their execution.
-
Method Details
-
rewriteInlineAttributes
String rewriteInlineAttributes(String html, javax.servlet.http.HttpServletRequest httpServletRequest, boolean recursive) Transform a fragment of HTML extracting all inline event handlers (e.g.: onclick, onfocus, etc.) to a <script> node and inline styles (e.g.: style="color: red;...") to a <style> node so that restrictive content security policies likescript-src-attr 'none';
do not prevent their execution.- Parameters:
html
- the HTML to transformhttpServletRequest
- needed to obtain the content security policy nonce to use in the <script> noderecursive
- whether to rewrite all nodes or only the top level ones- Returns:
- the transformed HTML
-