wood burning stoves 2.0*
The moose likes Servlets and the fly likes Sanitizing HTML input in java Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Sanitizing HTML input in java" Watch "Sanitizing HTML input in java" New topic

Sanitizing HTML input in java

Rich Davies

Joined: Jul 31, 2006
Posts: 2
Hi all,

I am looking for a java library which can be used to sanitize html input taken from a form. I'd like to be able to specify tags are 'allowed' and strip all others from a java String made up of html. There seem to be a couple of versions of this written in ruby and perl but I haven't been able to find any written in java. I wanted to check here if anyone had addressed this problem in java before attempting to write my own.


Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41089
Hello "Rich Rich"-

Welcome to JavaRanch.

On your way in you may have missed that JavaRanch has a policy on display names, and yours does not comply with it; specifically, a first name and a last name are required. Please adjust it accordingly, which you can do right here. Thanks for your prompt attention to this matter.

As to your question, have a look at libraries like NekoXNI, JTidy and TagSoup. I'm not sure they let you specify what to keep and what to drop, but they'll give you something that's much easier to work with.

Ping & DNS - my free Android networking tools app
It is sorta covered in the JavaRanch Style Guide.
subject: Sanitizing HTML input in java
Similar Threads
IBM XML Parser to generate HTML output
Dynamic Struts?
Getting the value of a input box in an applet?
Html generated dynamically with java script
Binding a input character stream to an HTML page transmitted over HTTP