Interface ContentSecurityPolicyHTMLRewriter
public interface ContentSecurityPolicyHTMLRewriter
- Author:
- Iván Zaera Avellón
-
Method Summary
Modifier and TypeMethodDescriptionrewriteInlineEventHandlers
(String html, javax.servlet.http.HttpServletRequest httpServletRequest, boolean recursive) Transform a fragment of HTML extracting all inline event handlers (e.g.: onclick, onfocus, etc.) to a <script> node so that restrictive content security policies likescript-src-attr 'none';
do not prevent their execution.
-
Method Details
-
rewriteInlineEventHandlers
String rewriteInlineEventHandlers(String html, javax.servlet.http.HttpServletRequest httpServletRequest, boolean recursive) Transform a fragment of HTML extracting all inline event handlers (e.g.: onclick, onfocus, etc.) to a <script> node so that restrictive content security policies likescript-src-attr 'none';
do not prevent their execution.- Parameters:
html
- the HTML to transformhttpServletRequest
- needed to obtain the content security policy nonce to use in the <script> noderecursive
- whether to rewrite all nodes or only the top level ones- Returns:
- the transformed HTML
-