List of usage examples for org.jsoup.safety Whitelist basic
public static Whitelist basic()
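This whitelist allows a fuller range of text nodes: a, b, blockquote, br, cite, code, dd, dl, dt, em, i, li, ol, p, pre, q, small, span, strike, strong, sub, sup, u, ul, and appropriate attributes. Links (a elements) can point to http, https, ftp and mailto, and have an enforced rel=nofollow attribute; images are not allowed. The cleaned result is an HTML fragment meant to be placed in an HTML body: it does not replace escaping when the value ends up in plain text, an attribute, a URL or a script. Newer jsoup releases provide the same presets under the name Safelist.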
From source file:info.michaelchurch.arule.services.ContactEmailer.java
/**
 * Mails the fields of a website enquiry to the site owner.
 *
 * <p>Every user-supplied field is run through {@code Jsoup.clean} with the basic whitelist
 * before it is concatenated into the message text.</p>
 *
 * @param comment the submitted enquiry; its name, e-mail address, phone number and enquiry
 *                text are read
 */
public void sendMessage(Comment comment) {
    // NOTE(review): the cleaner returns an HTML fragment, but the body is set through setText.
    // Whitelisted tags (<a>, <b>, ...) therefore stay in the mail and characters such as '&'
    // arrive entity-encoded. If the mail is meant to be plain text, confirm whether stripping
    // all markup would fit better than the basic whitelist.
    String safeName = Jsoup.clean(comment.getName(), Whitelist.basic());
    String safeEmail = Jsoup.clean(comment.getEmail(), Whitelist.basic());
    String safePhone = Jsoup.clean(comment.getPhone(), Whitelist.basic());
    String safeComment = Jsoup.clean(comment.getEnquiryText(), Whitelist.basic());

    StringBuilder body = new StringBuilder();
    body.append("User's name: ").append(safeName);
    body.append("\n\nUser's email address: ").append(safeEmail);
    body.append("\n\nUser's phone number: ").append(safePhone);
    body.append("\n\nUser's enquiry: ").append(safeComment);

    // Sender, recipient and subject are fixed values; only the body carries user input.
    SimpleMailMessage message = new SimpleMailMessage();
    message.setFrom("arule@michaelchurch.info");
    message.setTo("michaelchurch256@hotmail.com");
    message.setSubject("New feedback from website");
    message.setText(body.toString());

    mailSender.send(message);
}
From source file:com.manydesigns.portofino.pageactions.crud.AbstractCrudAction.java
/** * Returns the JSoup whitelist used to clean user-provided HTML in rich-text fields. * @return the default implementation returns the "basic" whitelist ({@see Whitelist#basic()}). *///w w w . j a v a2 s. com protected Whitelist getWhitelist() { return Whitelist.basic(); }
From source file:fr.eolya.extraction.tika.TikaWrapper.java
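/**
 * Extracts text and metadata from a PDF stream by running the external pdftotext tool and
 * parsing the HTML it writes.
 *
 * <p>The stream is copied to a temporary .pdf file, converted into a temporary .html file and
 * read back. On success {@code text} and {@code meta2} hold the result; on any exception both
 * are set to {@code null}. Nothing happens when {@code input} is null or no pdftotext path is
 * configured. Both temporary files are removed on every exit path.</p>
 *
 * @param input the PDF content; may be null
 */
private void processWithPdfToText(InputStream input) {
    File tempFile = null;
    File tempFile2 = null;
    try {
        if (input != null && pdfToTextPath != null && !"".equals(pdfToTextPath)) {
            // Get a local copy of the file
            tempFile = createTempFile("tmp", ".pdf", tmpPath);
            if (!writeToFile(tempFile, input)) {
                // the finally block removes the partial copy
                return;
            }

            meta2 = new HashMap<String, String>();
            meta2.put(META_CONTENTSIZE, String.valueOf(tempFile.length()));

            tempFile2 = createTempFile("tmp", ".html", tmpPath);

            // Convert with PDFTOTEXT - pdftotext -enc UTF-8 -raw -q -htmlmeta -eol unix in.pdf out.html
            // Every argument is handed over as a separate value; the only variable parts are the
            // configured tool path and the two temp file paths created above.
            Shell sh = new Shell();
            sh.exec(pdfToTextPath, "-enc", "UTF-8", "-raw", "-q", "-htmlmeta", "-eol", "unix",
                    tempFile.getAbsolutePath(), tempFile2.getAbsolutePath()).consumeAsString();
            tempFile.delete();

            // Load in string and add the <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> line
            StringBuilder sb = new StringBuilder();
            BufferedReader br1 = new BufferedReader(
                    new InputStreamReader(new FileInputStream(tempFile2), "UTF-8"));
            try {
                // readLine() == null is the end-of-file signal; ready() only says whether a read
                // would block and could end the loop early or append the text "null".
                String line;
                while ((line = br1.readLine()) != null) {
                    sb.append(line).append("\n");
                    if ("</head>".equals(line)) {
                        sb.append("<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>")
                                .append("\n");
                    }
                }
            } finally {
                // closed even when reading fails
                br1.close();
            }
            tempFile2.delete();

            meta2.put(META_CONTENTTYPE, CONTENT_TYPE_PDF);
            text = sb.toString();

            Document doc = Jsoup.parse(text);
            if (doc != null) {
                meta2.put(META_TITLE, doc.select("title").text());
                meta2.put(META_AUTHOR, getMetaContent(doc, "Author"));
                String creationDate = getMetaContent(doc, "CreationDate");
                if (creationDate != null) {
                    // 20130322143113Z00'00'  -> 2013-03-22T14:31:13Z
                    // 20130322143113+02'00' -> 2013-03-22T14:31:13Z
                    // NOTE(review): a "+hh'mm'" offset is dropped and the local time is labelled
                    // as Z, exactly as before; confirm whether consumers expect real UTC.
                    Pattern p = Pattern.compile("[0-9]{14}[Z+][0-9]{2}'[0-9]{2}'");
                    Matcher m = p.matcher(creationDate);
                    if (m.find()) {
                        // Slice the matched text rather than the whole value, so a prefix in
                        // front of the timestamp cannot shift the fields.
                        String stamp = m.group();
                        String value = String.format("%1$s-%2$s-%3$sT%4$s:%5$s:%6$sZ",
                                stamp.substring(0, 4), stamp.substring(4, 6), stamp.substring(6, 8),
                                stamp.substring(8, 10), stamp.substring(10, 12), stamp.substring(12, 14));
                        meta2.put(META_CREATED, value);
                    }
                }
                if (OUTPUT_FORMAT_TEXT.equals(outputFormat)) {
                    // The document is reduced to the basic whitelist and then flattened to text.
                    Document doc2 = new Cleaner(Whitelist.basic()).clean(doc);
                    text = doc2.body().text();
                }
            }
        }
    } catch (Exception e) {
        e.printStackTrace();
        text = null;
        meta2 = null;
    } finally {
        // Temp files hold a copy of the processed document; never leave them behind.
        if (tempFile != null && tempFile.exists()) {
            tempFile.delete();
        }
        if (tempFile2 != null && tempFile2.exists()) {
            tempFile2.delete();
        }
    }
}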
From source file:com.lloydtorres.stately.helpers.SparkleHelper.java
/**
 * Formats a NationStates happenings entry and shows it in the given TextView, turning
 * {@code @@nation@@} and {@code %%region%%} markers into links.
 *
 * <p>The content is first cleaned with the basic whitelist (relative links preserved); the
 * link rewriting that follows operates on the cleaned markup.</p>
 *
 * @param c App context
 * @param t TextView
 * @param content Target content
 */
public static void setHappeningsFormatting(Context c, TextView t, String content) {
    String html = Jsoup.clean("<base href=\"" + BASE_URI_NOSLASH + "\">" + content,
            Whitelist.basic().preserveRelativeLinks(true).addTags("br").addTags("a"));

    // Everything below edits the markup after it was sanitized; nothing inserted from here on
    // is checked by the cleaner again.
    html = html.replace("&#39;", "'");
    // NOTE(review): as written this swaps "&" for "&" and changes nothing; the listing may have
    // lost an entity in the search string. Confirm against the upstream file.
    html = html.replace("&", "&");

    // Replace RMB links with targets to the RMB activity
    html = regexDoubleReplace(html, NS_RMB_POST_LINK,
            "<a href=\"" + MessageBoardActivity.RMB_TARGET + "%s/%s\">");

    // Replace internal links with valid links
    html = regexReplace(html, NS_INTERNAL_LINK, "<a href=\"" + BASE_URI + "%s\">");

    // Linkify nations (@@NATION@@), then regions
    html = linkifyHelper(c, t, html, NS_HAPPENINGS_NATION, ExploreActivity.EXPLORE_NATION);
    html = linkifyHelper(c, t, html, NS_HAPPENINGS_REGION, ExploreActivity.EXPLORE_REGION);

    if (html.contains("EO:")) {
        // The region id is the second ':'-separated piece without its last character.
        String[] pieces = html.split(":");
        String regionId = pieces[1].substring(0, pieces[1].length() - 1);
        String label = String.format(Locale.US, c.getString(R.string.region_eo), html);
        html = activityLinkBuilder(c, t, label, "EO:" + regionId + ".", getNameFromId(regionId),
                ExploreActivity.EXPLORE_REGION);
    }

    if (html.contains("EC:")) {
        String[] pieces = html.split(":");
        String regionId = pieces[1].substring(0, pieces[1].length() - 1);
        String label = String.format(Locale.US, c.getString(R.string.region_ec), html);
        html = activityLinkBuilder(c, t, label, "EC:" + regionId + ".", getNameFromId(regionId),
                ExploreActivity.EXPLORE_REGION);
    }

    // In case there are no nations or regions to linkify, set and style TextView here too
    t.setText(fromHtml(html));
    styleLinkifiedTextView(c, t);
}
From source file:org.b3log.symphony.service.MailMgmtService.java
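/**
 * Sends the weekly newsletter.
 *
 * <p>Does nothing unless the local time is between 13:55 and 13:59 and no other send is in
 * progress. Otherwise it selects subscribed users whose last mail and last login are at least
 * seven days old, stamps them with the current send time, adds all admins, picks recent
 * articles and a random handful of users, and hands everything to the weekly mail template.
 * Failures are logged, an open user transaction is rolled back, and the "sending" flag is
 * always cleared.</p>
 */
public void sendWeeklyNewsletter() {
    final Calendar calendar = Calendar.getInstance();
    final int hour = calendar.get(Calendar.HOUR_OF_DAY);
    final int minute = calendar.get(Calendar.MINUTE);

    if (13 != hour || 55 > minute) {
        return;
    }

    if (weeklyNewsletterSending) {
        return;
    }

    weeklyNewsletterSending = true;
    LOGGER.info("Sending weekly newsletter....");

    final long now = System.currentTimeMillis();
    final long sevenDaysAgo = now - 1000 * 60 * 60 * 24 * 7;

    // Declared outside the try block so the failure path can roll it back.
    Transaction transaction = null;
    try {
        final int memberCount = optionRepository.get(Option.ID_C_STATISTIC_MEMBER_COUNT)
                .optInt(Option.OPTION_VALUE);
        final int userSize = memberCount / 7;

        // select receivers
        final Query toUserQuery = new Query();
        toUserQuery.setCurrentPageNum(1).setPageCount(1).setPageSize(userSize)
                .setFilter(CompositeFilterOperator.and(
                        new PropertyFilter(UserExt.USER_SUB_MAIL_SEND_TIME,
                                FilterOperator.LESS_THAN_OR_EQUAL, sevenDaysAgo),
                        new PropertyFilter(UserExt.USER_LATEST_LOGIN_TIME,
                                FilterOperator.LESS_THAN_OR_EQUAL, sevenDaysAgo),
                        new PropertyFilter(UserExt.USER_SUB_MAIL_STATUS, FilterOperator.EQUAL,
                                UserExt.USER_SUB_MAIL_STATUS_ENABLED),
                        new PropertyFilter(UserExt.USER_STATUS, FilterOperator.EQUAL,
                                UserExt.USER_STATUS_C_VALID)))
                .addSort(Keys.OBJECT_ID, SortDirection.ASCENDING);
        final JSONArray receivers = userRepository.get(toUserQuery).optJSONArray(Keys.RESULTS);

        if (receivers.length() < 1) {
            LOGGER.info("No user need send newsletter");

            return;
        }

        final Set<String> toMails = new HashSet<>();

        transaction = userRepository.beginTransaction();
        for (int i = 0; i < receivers.length(); i++) {
            final JSONObject user = receivers.optJSONObject(i);
            final String email = user.optString(User.USER_EMAIL);
            if (Strings.isEmail(email)) {
                toMails.add(email);

                user.put(UserExt.USER_SUB_MAIL_SEND_TIME, now);
                userRepository.update(user.optString(Keys.OBJECT_ID), user);
            }
        }
        transaction.commit();

        // send to admins by default
        final List<JSONObject> admins = userRepository.getAdmins();
        for (final JSONObject admin : admins) {
            toMails.add(admin.optString(User.USER_EMAIL));
        }

        // select nice articles
        final Query articleQuery = new Query();
        articleQuery.setCurrentPageNum(1).setPageCount(1)
                .setPageSize(Symphonys.getInt("sendcloud.batch.articleSize"))
                .setFilter(CompositeFilterOperator.and(
                        new PropertyFilter(Article.ARTICLE_CREATE_TIME,
                                FilterOperator.GREATER_THAN_OR_EQUAL, sevenDaysAgo),
                        new PropertyFilter(Article.ARTICLE_TYPE, FilterOperator.EQUAL,
                                Article.ARTICLE_TYPE_C_NORMAL),
                        new PropertyFilter(Article.ARTICLE_STATUS, FilterOperator.EQUAL,
                                Article.ARTICLE_STATUS_C_VALID)))
                .addSort(Article.ARTICLE_COMMENT_CNT, SortDirection.DESCENDING)
                .addSort(Article.REDDIT_SCORE, SortDirection.DESCENDING);
        final List<JSONObject> articles = CollectionUtils
                .jsonArrayToList(articleRepository.get(articleQuery).optJSONArray(Keys.RESULTS));

        articleQueryService.organizeArticles(UserExt.USER_AVATAR_VIEW_MODE_C_STATIC, articles);

        String mailSubject = "";
        int goodCnt = 0;
        for (final JSONObject article : articles) {
            String content = article.optString(Article.ARTICLE_CONTENT);

            content = Emotions.convert(content);
            content = Markdowns.toHTML(content);

            // Shorten the plain text first and sanitize last: cutting the cleaned HTML at a
            // fixed offset could end inside a tag or an entity and hand broken markup to the
            // mail template.
            content = Jsoup.parse(content).text();
            if (StringUtils.length(content) > 72) {
                content = StringUtils.substring(content, 0, 72) + "....";
            }
            content = Jsoup.clean(content, Whitelist.basic());

            article.put(Article.ARTICLE_CONTENT, content);

            // The subject is the title of the article with the highest "good" count.
            // NOTE(review): the title is user-supplied and used as the mail subject unchanged;
            // confirm that Mails.batchSendHTML rejects or strips line breaks in it.
            final int gc = article.optInt(Article.ARTICLE_GOOD_CNT);
            if (gc >= goodCnt) {
                mailSubject = article.optString(Article.ARTICLE_TITLE);
                goodCnt = gc;
            }
        }

        // select nice users
        final int RANGE_SIZE = 64;
        final int SELECT_SIZE = 6;
        final Query userQuery = new Query();
        userQuery.setCurrentPageNum(1).setPageCount(1).setPageSize(RANGE_SIZE)
                .setFilter(new PropertyFilter(UserExt.USER_STATUS, FilterOperator.EQUAL,
                        UserExt.USER_STATUS_C_VALID))
                .addSort(UserExt.USER_ARTICLE_COUNT, SortDirection.DESCENDING)
                .addSort(UserExt.USER_COMMENT_COUNT, SortDirection.DESCENDING);
        final JSONArray rangeUsers = userRepository.get(userQuery).optJSONArray(Keys.RESULTS);
        final List<Integer> indices = CollectionUtils.getRandomIntegers(0, RANGE_SIZE, SELECT_SIZE);
        final List<JSONObject> users = new ArrayList<>();
        for (final Integer index : indices) {
            // The query may return fewer than RANGE_SIZE users; skip indices past the end
            // instead of letting one bad index abort the whole newsletter.
            if (index < rangeUsers.length()) {
                users.add(rangeUsers.getJSONObject(index));
            }
        }

        for (final JSONObject selectedUser : users) {
            avatarQueryService.fillUserAvatarURL(UserExt.USER_AVATAR_VIEW_MODE_C_STATIC, selectedUser);
        }

        final Map<String, Object> dataModel = new HashMap<>();
        dataModel.put(Article.ARTICLES, (Object) articles);
        dataModel.put(User.USERS, (Object) users);

        final String fromName = langPropsService.get("symphonyEnLabel") + " "
                + langPropsService.get("weeklyEmailFromNameLabel", Latkes.getLocale());
        Mails.batchSendHTML(fromName, mailSubject, new ArrayList<>(toMails),
                Mails.TEMPLATE_NAME_WEEKLY, dataModel);

        LOGGER.info("Sent weekly newsletter [" + toMails.size() + "]");
    } catch (final Exception e) {
        // An update may have failed before commit(); do not leave the transaction open.
        if (null != transaction && transaction.isActive()) {
            transaction.rollback();
        }

        LOGGER.log(Level.ERROR, "Sends weekly newsletter failed", e);
    } finally {
        weeklyNewsletterSending = false;
    }
}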
From source file:org.eclipse.skalli.services.extension.validators.WhitelistValidatorTest.java
/**
 * Verifies that a validator built on the basic whitelist accepts plain text and whitelisted
 * markup and rejects a value containing a script element.
 */
@Test
public void testIsValid() throws Exception {
    WhitelistValidator basicValidator = new WhitelistValidator(Severity.FATAL, TestExtension.class,
            TestExtension.PROPERTY_STR, Whitelist.basic());

    // plain text and a tag from the basic set pass
    Assert.assertTrue(basicValidator.isValid(TestUUIDs.TEST_UUIDS[0], "foobar"));
    Assert.assertTrue(basicValidator.isValid(TestUUIDs.TEST_UUIDS[0], "<b>foobar</b>"));

    // script is outside the basic set and must be reported as invalid
    Assert.assertFalse(
            basicValidator.isValid(TestUUIDs.TEST_UUIDS[0], "<script>alert('Gotcha!')</script>"));
}
From source file:org.eclipse.skalli.services.extension.validators.WhitelistValidatorTest.java
/**
 * Asserts that validating {@code s} against the basic whitelist reports no issue.
 *
 * @param s the property value to validate
 */
private void assertNoIssues(String s) {
    WhitelistValidator basicValidator = new WhitelistValidator(Severity.FATAL, TestExtension.class,
            TestExtension.PROPERTY_STR, Whitelist.basic());

    SortedSet<Issue> reported = basicValidator.validate(TestUUIDs.TEST_UUIDS[0], s, Severity.FATAL);

    // an empty set, not null, is the "all fine" answer
    Assert.assertNotNull(reported);
    Assert.assertEquals(0, reported.size());
}
From source file:org.eclipse.skalli.services.extension.validators.WhitelistValidatorTest.java
/**
 * Asserts that validating {@code s} against the basic whitelist reports exactly one FATAL
 * issue for the test entity and property, and that its message contains the HTML-escaped
 * input.
 *
 * @param s the property value expected to be rejected
 */
private void assertHasIssue(String s) {
    WhitelistValidator basicValidator = new WhitelistValidator(Severity.FATAL, TestExtension.class,
            TestExtension.PROPERTY_STR, Whitelist.basic());

    SortedSet<Issue> reported = basicValidator.validate(TestUUIDs.TEST_UUIDS[0], s, Severity.FATAL);
    Assert.assertNotNull(reported);
    Assert.assertEquals(1, reported.size());

    Issue only = reported.first();
    Assert.assertEquals(TestUUIDs.TEST_UUIDS[0], only.getEntityId());
    Assert.assertEquals(TestExtension.class, only.getExtension());
    Assert.assertEquals(TestExtension.PROPERTY_STR, only.getPropertyId());
    Assert.assertEquals(Severity.FATAL, only.getSeverity());

    // the rejected value is expected in the message in escaped form, not as raw markup
    Assert.assertTrue(only.getMessage().contains(StringEscapeUtils.escapeHtml(s)));
}
From source file:org.javalite.activeweb.HttpSupport.java
/**
 * Removes every element and attribute that the jsoup basic whitelist does not permit.
 * <p>For example, input like this:</p>
 *
 * <pre>
 * {@code <html><script> alert('hello');</script><div>this is a clean part</div></html>}
 * </pre>
 *
 * Will produce output like this:
 *
 * <pre>
 * this is a clean part
 * </pre>
 *
 * <p>The result is an HTML fragment suitable for insertion as element content. It is not an
 * encoding for other output contexts (attribute values, URLs, script or style blocks); values
 * written there still need the escaping that belongs to that context.</p>
 *
 * @param unsafeContent unsafe content. Something that an end user typed into a text area, or
 *                      input that may include a script tag or other garbage.
 * @return sanitized version of input
 */
protected String sanitize(String unsafeContent) {
    final String cleaned = Jsoup.clean(unsafeContent, Whitelist.basic());
    return cleaned;
}
From source file:serposcope.controllers.google.GoogleGroupController.java
/**
 * Creates an event for the current group from the submitted form and redirects the caller.
 *
 * <p>The route runs behind {@code XSRFFilter} and {@code AdminFilter}. An unparsable date, an
 * empty title, an existing event on the same day or a failed insert each put an error into
 * the flash scope and redirect to the group view. On success the redirect goes to the search
 * or target page when the matching id was posted, otherwise to the group view.</p>
 *
 * @param context       request context; provides the flash scope and the "group" attribute
 * @param day           event date, parsed with {@code LocalDate.parse}
 * @param title         event title
 * @param description   event description; cleaned with the basic whitelist before storage
 * @param redirSearchId optional search id to redirect to after a successful insert
 * @param redirTargetId optional target id to redirect to after a successful insert
 * @return the redirect result
 */
@FilterWith({ XSRFFilter.class, AdminFilter.class })
public Result addEvent(Context context, @Param("day") String day, @Param("title") String title,
        @Param("description") String description, @Param("redir-search") Integer redirSearchId,
        @Param("redir-target") Integer redirTargetId) {
    FlashScope flashScope = context.getFlashScope();
    Group currentGroup = context.getAttribute("group", Group.class);

    Event newEvent = new Event();
    newEvent.setGroupId(currentGroup.getId());
    try {
        newEvent.setDay(LocalDate.parse(day));
    } catch (Exception ex) {
        // deliberately ignored: the day is simply not set and the null check below reports it
    }

    if (newEvent.getDay() == null) {
        flashScope.error("error.invalidDate");
        return Results.redirect(
                router.getReverseRoute(GoogleGroupController.class, "view", "groupId", currentGroup.getId()));
    }

    if (Validator.isEmpty(title)) {
        flashScope.error("error.invalidTitle");
        return Results.redirect(
                router.getReverseRoute(GoogleGroupController.class, "view", "groupId", currentGroup.getId()));
    }

    if (baseDB.event.find(currentGroup, newEvent.getDay()) != null) {
        flashScope.error("google.group.alreadyEventForThisDate");
        return Results.redirect(
                router.getReverseRoute(GoogleGroupController.class, "view", "groupId", currentGroup.getId()));
    }

    // NOTE(review): the title is stored as received while the description is sanitized;
    // confirm that every view rendering the title escapes it.
    newEvent.setTitle(title);

    String rawDescription = description == null ? "" : description;
    newEvent.setDescription(Jsoup.clean(rawDescription, Whitelist.basic()));

    if (!baseDB.event.insert(newEvent)) {
        flashScope.error("error.internalError");
        return Results.redirect(
                router.getReverseRoute(GoogleGroupController.class, "view", "groupId", currentGroup.getId()));
    }

    flashScope.success("google.group.eventInserted");

    // The redirect ids are Integers placed into named routes; the search id wins over the target id.
    if (redirSearchId != null) {
        return Results.redirect(router.getReverseRoute(GoogleSearchController.class, "search", "groupId",
                currentGroup.getId(), "searchId", redirSearchId));
    }

    if (redirTargetId != null) {
        return Results.redirect(router.getReverseRoute(GoogleTargetController.class, "target", "groupId",
                currentGroup.getId(), "targetId", redirTargetId));
    }

    return Results.redirect(
            router.getReverseRoute(GoogleGroupController.class, "view", "groupId", currentGroup.getId()));
}