org.apache.shindig.gadgets.render
Class SanitizingGadgetRewriter

java.lang.Object
  extended by org.apache.shindig.gadgets.rewrite.DomWalker.Rewriter
      extended by org.apache.shindig.gadgets.render.SanitizingGadgetRewriter
All Implemented Interfaces:
GadgetRewriter, ResponseRewriter

public class SanitizingGadgetRewriter
extends DomWalker.Rewriter

A content rewriter that sanitizes output for simple 'badge'-like display. It is intentionally not as robust as Caja: it is a simple element whitelist and cannot be used to sanitize either JavaScript or CSS. CSS is desired in the long run, but it can't be proven safe in the short term. Generally used in conjunction with a gadget that gets its dynamic behavior externally (proxied rendering, OSML, etc.).


Nested Class Summary
static interface SanitizingGadgetRewriter.AllowedAttributes
           
static interface SanitizingGadgetRewriter.AllowedTags
           
static class SanitizingGadgetRewriter.Bypass
           
 
Constructor Summary
SanitizingGadgetRewriter(Set<String> allowedTags, Set<String> allowedAttributes, ContentRewriterFeature.Factory rewriterFeatureFactory, CajaCssSanitizer cssSanitizer, ProxyUriManager proxyUriManager)
           
 
Method Summary
static void bypassSanitization(Element element, boolean includingChildren)
          Marks that an element and all its attributes are trusted content.
static SanitizingGadgetRewriter.Bypass canBypassSanitization(Element element)
           
static boolean isSanitizedRenderingRequest(Gadget gadget)
          Is the Gadget to be rendered sanitized?
 void rewrite(Gadget gadget, MutableContent content)
          Performs the DomWalker rewrite operation described in class javadoc.
 
Methods inherited from class org.apache.shindig.gadgets.rewrite.DomWalker.Rewriter
makeVisitors, rewrite
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SanitizingGadgetRewriter

@Inject
public SanitizingGadgetRewriter(Set<String> allowedTags,
                                       Set<String> allowedAttributes,
                                       ContentRewriterFeature.Factory rewriterFeatureFactory,
                                       CajaCssSanitizer cssSanitizer,
                                       ProxyUriManager proxyUriManager)
Method Detail

isSanitizedRenderingRequest

public static boolean isSanitizedRenderingRequest(Gadget gadget)
Is the Gadget to be rendered sanitized?

Returns:
true if sanitization will be enabled

bypassSanitization

public static void bypassSanitization(Element element,
                                      boolean includingChildren)
Marks that an element and all its attributes are trusted content. This status is preserved across Node.cloneNode(boolean) calls. Be extremely careful when using this, especially with includingChildren set to true, as untrusted content that gets inserted (e.g., via os:RenderAll in templating) would become trusted.

Parameters:
element - the trusted element
includingChildren - if true, children of this element are also trusted. Never set this to true on an element that will ever have untrusted children inserted (e.g., if it contains or may contain os:Render).
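
The includingChildren caveat above, shown as an added example that is not Shindig code: a toy whitelist walk over a JDK DOM in which a container is marked trusted before untrusted markup is inserted under it. The class, the markTrusted and sanitize helpers, the user-data key and the whitelists are all hypothetical stand-ins constructed for the demonstration.

```java
import java.util.Set;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

// Toy model only: a JDK-DOM whitelist walk, not Shindig's implementation.
public class BypassPitfallDemo {
    static final Set<String> TAGS = Set.of("div", "b", "a");   // constructed whitelist
    static final Set<String> ATTRS = Set.of("href", "title");  // constructed whitelist
    static final String KEY = "demo.bypass";                   // hypothetical user-data key

    // Stand-in for bypassSanitization(element, includingChildren).
    static void markTrusted(Element e, boolean includingChildren) {
        e.setUserData(KEY, includingChildren ? "ALL" : "SELF", null);
    }

    // Strip non-whitelisted attributes and child elements, honouring trust marks.
    static void sanitize(Element e, boolean subtreeTrusted) {
        Object mark = e.getUserData(KEY);
        boolean all = subtreeTrusted || "ALL".equals(mark);
        if (!all && mark == null) {
            NamedNodeMap attrs = e.getAttributes();
            for (int i = attrs.getLength() - 1; i >= 0; i--) {
                String name = attrs.item(i).getNodeName();
                if (!ATTRS.contains(name)) e.removeAttribute(name);
            }
        }
        NodeList kids = e.getChildNodes();
        for (int i = kids.getLength() - 1; i >= 0; i--) {
            if (!(kids.item(i) instanceof Element)) continue;
            Element kid = (Element) kids.item(i);
            boolean ok = all || kid.getUserData(KEY) != null || TAGS.contains(kid.getTagName());
            if (ok) sanitize(kid, all); else e.removeChild(kid);
        }
    }

    // Marks a container trusted, then inserts untrusted markup; returns surviving <script> count.
    static int survivors(boolean includingChildren) throws Exception {
        Document d = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
        Element host = d.createElement("div");
        d.appendChild(host);
        markTrusted(host, includingChildren);
        host.appendChild(d.createElement("script"));  // constructed untrusted insertion
        sanitize(host, false);
        return host.getElementsByTagName("script").getLength();
    }

    public static void main(String[] args) throws Exception {
        System.out.println("includingChildren=false -> " + survivors(false));
        System.out.println("includingChildren=true  -> " + survivors(true));
    }
}
```

With the container marked for itself only, the later-inserted element is still checked against the whitelist and removed; with the whole subtree marked, it inherits the container's trust and passes through untouched.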

rewrite

public void rewrite(Gadget gadget,
                    MutableContent content)
             throws RewritingException
Description copied from class: DomWalker.Rewriter
Performs the DomWalker rewrite operation described in class javadoc.

Specified by:
rewrite in interface GadgetRewriter
Overrides:
rewrite in class DomWalker.Rewriter
Parameters:
gadget - Gadget to rewrite.
content - the content of the gadget to be manipulated.
Throws:
RewritingException

canBypassSanitization

public static SanitizingGadgetRewriter.Bypass canBypassSanitization(Element element)


Copyright © 2007-2012. All Rights Reserved.