Package de.hybris.platform.security
Interface XssEncodeService
- All Known Implementing Classes:
DefaultXssEncodeService
public interface XssEncodeService
The interface providing functionality to eliminate Cross-site scripting (XSS) vulnerabilities.
-
Method Summary
Modifier and TypeMethodDescriptionencodeHtml(String input) Encodes input HTML to be XSS-safe code
-
Method Details
-
encodeHtml
Encodes input HTML to be XSS-safe code- Parameters:
input- untrusted HTML-string to clear it- Returns:
- a safe (w/o potential XSS vulnerabilities) representation of the HTML
-