Thank you Martin! This is exactly what I was looking for.
2017-02-09 13:03 GMT+01:00 Martin Grigorov <mgrigo...@apache.org>:
> Hi,
>
> Check https://jsoup.org/cookbook/cleaning-html/whitelist-sanitizer
>
> Martin Grigorov
> Wicket Training and Consulting
> https://twitter.com/mtgrigorov
>
> On Thu, Feb 9, 2017 at 12:50 PM, daniel simko <dan.si...@gmail.com> wrote:
>
> > Hello,
> >
> > I would like to ask you whether there is some safe way how to display
> html
> > output from some rich editor (e.g. TinyMCE)? In order to display html it
> is
> > necessary to switch off model escaping [1] which is opening a door for
> XSS.
> > I was thinking about some converter [2] which would escape only JS
> related
> > stuff (e.g.