Class DefaultXssEncodeService

java.lang.Object
de.hybris.platform.security.impl.DefaultXssEncodeService
All Implemented Interfaces:
XssEncodeService

public class DefaultXssEncodeService extends Object implements XssEncodeService
Default implementation of XssEncodeService
  • Constructor Details

    • DefaultXssEncodeService

      public DefaultXssEncodeService()
  • Method Details

    • encodeHtml

      public String encodeHtml(String input)
      Description copied from interface: XssEncodeService
      Encodes input HTML to be XSS-safe code
      Specified by:
      encodeHtml in interface XssEncodeService
      Parameters:
      input - untrusted HTML-string to clear it
      Returns:
      a safe (w/o potential XSS vulnerabilities) representation of the HTML