rombert commented on code in PR #28:
URL:
https://github.com/apache/sling-org-apache-sling-xss/pull/28#discussion_r944378167
##########
src/main/java/org/apache/sling/xss/impl/PolicyHandler.java:
##########
@@ -21,28 +21,22 @@
import java.io.InputStream;
import org.apache.commons.io.IOUtils;
-import org.owasp.validator.html.AntiSamy;
-import org.owasp.validator.html.Policy;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.sling.xss.impl.xml.AntiSamyPolicy;
/**
* Class that provides the capability of securing input provided as plain text
for HTML output.
*/
public class PolicyHandler {
-
- private final Logger logger = LoggerFactory.getLogger(getClass());
-
- private final Policy policy;
- private Policy fallbackPolicy;
- private AntiSamy antiSamy;
- private AntiSamy fallbackAntiSamy;
+ private final AntiSamyPolicy policy;
+ private AntiSamyPolicy fallbackPolicy;
+ private HtmlSanitizer htmlSanitizer;
+ private HtmlSanitizer fallbackHtmlSanitizer;
/**
* Creates a {@code PolicyHandler} from an {@link InputStream}.
*
- * @param policyStream the InputStream from which to read this handler's
{@link Policy}
+ * @param policyStream the InputStream from which to read this handler's
{@link AntiSamyPolicy}
*/
public PolicyHandler(InputStream policyStream) throws Exception {
// fix for classloader issue with IBM JVM: see bug #31946
Review Comment:
Please remove the work around setting the context class laoder.
##########
src/main/java/org/apache/sling/xss/impl/PolicyHandler.java:
##########
@@ -21,28 +21,22 @@
import java.io.InputStream;
import org.apache.commons.io.IOUtils;
-import org.owasp.validator.html.AntiSamy;
-import org.owasp.validator.html.Policy;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.sling.xss.impl.xml.AntiSamyPolicy;
/**
* Class that provides the capability of securing input provided as plain text
for HTML output.
*/
public class PolicyHandler {
-
- private final Logger logger = LoggerFactory.getLogger(getClass());
-
- private final Policy policy;
- private Policy fallbackPolicy;
- private AntiSamy antiSamy;
- private AntiSamy fallbackAntiSamy;
+ private final AntiSamyPolicy policy;
+ private AntiSamyPolicy fallbackPolicy;
+ private HtmlSanitizer htmlSanitizer;
+ private HtmlSanitizer fallbackHtmlSanitizer;
/**
* Creates a {@code PolicyHandler} from an {@link InputStream}.
*
- * @param policyStream the InputStream from which to read this handler's
{@link Policy}
+ * @param policyStream the InputStream from which to read this handler's
{@link AntiSamyPolicy}
*/
public PolicyHandler(InputStream policyStream) throws Exception {
// fix for classloader issue with IBM JVM: see bug #31946
Review Comment:
Please remove the work around setting the context class loader.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
