Inspiring

Answered

How to create a Java array for use with jsoup addAttributes() ?

Forum|Forum|13 years ago
February 3, 2013
1 reply
3008 views

Hi. Has anyone used jsoup for cleaning up user-submitted HTML?

When I ask jsoup to add some extra attributes to its whitelist I get this error: "The addAttributes method was not found."

The addAttributes() method requires an array. I tried using a CF array, a Java array, and even a string, but nothing worked.

I'm using CF8. My test code is:

<cfset jsoup = createObject("java","org.jsoup.Jsoup")> <cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")> <cfset html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>"> <cfset myAttribsArray=[":all","style"]> <cfset myAttribsArray=javacast("string[]", myAttribsArray)> <cfset sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(myAttribsArray))> <cfoutput> <textarea rows="10" cols="60"> #HtmlEditFormat(sanitized)#</textarea> </cfoutput>

The code works if I don't bother with addAttributes(), but I need to add the style attribute to the whitelist. Can anyone help please? Thanks.

The API reference for addAttributes() is here:
http://jsoup.org/apidocs/org/jsoup/safety/Whitelist.html#addAttributes

This topic has been closed for replies.

Correct answer Nathan_Mische

<bump>

Anyone use jsoup or know about sending an array to a Java object? Thanks.

You can see the setAttributes() method signature like so:

<cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")>
<cfdump var="#Whitelist.relaxed()#" />

If you run that you will see setAttributes() expects a string and a string array.

addAttributes(java.lang.String, java.lang.String[])

Given that, you need to do something like:

<cfscript>
 jsoup = CreateObject("java","org.jsoup.Jsoup");
 whitelist = CreateObject("java", "org.jsoup.safety.Whitelist");
 html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>";
 myKeys=["style"];
 sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(":all" , JavaCast("string[]", myKeys)));
 WriteOutput("<textarea>#sanitized#</textarea>");
</cfscript>

D

Dan_Bracuk

Inspiring

I looked at the reference you posted and did not see anything about the requirement for an array.

Gary__FAuthor

Inspiring

Hi Dan. The addTags() method doesn't say it needs to be an array either, but it will only work if it's supplied by CF as an array. I got that tip from a Stackoverflow answer I found. Unfortunately it doesn't work for the addAttributess() method. I've tried supplying a string as well, trying to cover all posibilities.

addAttributes(":all","style")

addAttributes('":all","style"')

addAttributes([":all"],["style"])

addAttributes([":all","style"])

Gary__FAuthor

Inspiring

<bump>

Anyone use jsoup or know about sending an array to a Java object? Thanks.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded