cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

How to create a Java array for use with jsoup addAttributes() ?

Gary__F
Contributor ,
Feb 02, 2013 Feb 02, 2013

Hi. Has anyone used jsoup for cleaning up user-submitted HTML?

When I ask jsoup to add some extra attributes to its whitelist I get this error: "The addAttributes method was not found."

The addAttributes() method requires an array. I tried using a CF array, a Java array, and even a string, but nothing worked.

I'm using CF8. My test code is:

<cfset jsoup = createObject("java","org.jsoup.Jsoup")>
<cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")>
<cfset html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>">
<cfset myAttribsArray=[":all","style"]>
<cfset myAttribsArray=javacast("string[]", myAttribsArray)>
<cfset sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(myAttribsArray))>
<cfoutput>
<textarea rows="10" cols="60"> #HtmlEditFormat(sanitized)#</textarea>
</cfoutput>

The code works if I don't bother with addAttributes(), but I need to add the style attribute to the whitelist. Can anyone help please? Thanks.

The API reference for addAttributes() is here:
http://jsoup.org/apidocs/org/jsoup/safety/Whitelist.html#addAttributes

TOPICS
Advanced techniques
3.1K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Nathan_Mische
Explorer , Mar 29, 2013 Mar 29, 2013

You can see the setAttributes() method signature like so:

<cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")>
<cfdump var="#Whitelist.relaxed()#" />

If you run that you will see setAttributes() expects a string and a string array.

addAttributes(java.lang.String, java.lang.String[])

Given that, you need to do something like:

<cfscript>
 jsoup = CreateObject("java","org.jsoup.Jsoup");
 whitelist = CreateObject("java", "org.jsoup.safety.Whitelist");
 html="<div style='font-size:24pt;'>Thi
...
Translate
replies 5 Replies 5
latest latest Jump to latest reply
Dan_Bracuk
LEGEND ,
Feb 02, 2013 Feb 02, 2013

I looked at the reference you posted and did not see anything about the requirement for an array. 

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Gary__F
Contributor ,
Feb 03, 2013 Feb 03, 2013
In Response To Dan_Bracuk

Hi Dan. The addTags() method doesn't say it needs to be an array either, but it will only work if it's supplied by CF as an array. I got that tip from a Stackoverflow answer I found. Unfortunately it doesn't work for the addAttributess() method. I've tried supplying a string as well, trying to cover all posibilities.

addAttributes(":all","style")

addAttributes('":all","style"')

addAttributes([":all"],["style"])

addAttributes([":all","style"])

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Gary__F
Contributor ,
Mar 29, 2013 Mar 29, 2013
In Response To Gary__F

<bump>

Anyone use jsoup or know about sending an array to a Java object? Thanks.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Nathan_Mische
Explorer ,
Mar 29, 2013 Mar 29, 2013
In Response To Gary__F

You can see the setAttributes() method signature like so:

<cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")>
<cfdump var="#Whitelist.relaxed()#" />

If you run that you will see setAttributes() expects a string and a string array.

addAttributes(java.lang.String, java.lang.String[])

Given that, you need to do something like:

<cfscript>
 jsoup = CreateObject("java","org.jsoup.Jsoup");
 whitelist = CreateObject("java", "org.jsoup.safety.Whitelist");
 html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>";
 myKeys=["style"];
 sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(":all" , JavaCast("string[]", myKeys)));
 WriteOutput("<textarea>#sanitized#</textarea>");
</cfscript>
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Gary__F
Contributor ,
Mar 29, 2013 Mar 29, 2013
LATEST
In Response To Nathan_Mische

Nathan, thank you so much for your reply. That was a perfect answer and my code is working now.

I didn't realise the method needed a string and an array, I was shoving both into a single array. Doh to me and yay to you! I wish there was a "jump for joy" emoticon in the forum.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices