I am looking for a java library which can be used to sanitize html input taken from a form. I'd like to be able to specify tags are 'allowed' and strip all others from a java String made up of html. There seem to be a couple of versions of this written in ruby and perl but I haven't been able to find any written in java. I wanted to check here if anyone had addressed this problem in java before attempting to write my own.
On your way in you may have missed that JavaRanch has a policy on display names, and yours does not comply with it; specifically, a first name and a last name are required. Please adjust it accordingly, which you can do right here. Thanks for your prompt attention to this matter.
As to your question, have a look at libraries like NekoXNI, JTidy and TagSoup. I'm not sure they let you specify what to keep and what to drop, but they'll give you something that's much easier to work with.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com