Description
Allows you to specify the tags allowed in certain content as well as whether links are allowed.
Availabilty
Available as of blojsom 2.27.
Installation and Setup
In your global /WEB-INF/plugin.properties file, add the following line:
xss-filter=org.blojsom.plugin.filter.XSSFilterPlugin
If you would like to output the configurable set of tags and whether or not links are allowed in your template files, you may then add "xss-filter" to one of the flavor-based plugin chains. These plugin chains can be found in the individual blog's plugin.properties file. You can add the filter at the end of the plugin chain. For example:
html.blojsom-plugin-chain=..., xss-filter
The following table lists the configurable properties for this plugin. These properties are configured in the individual blog's blog.properties file.
| Property |
Default Value |
Description |
| plugin-xss-filter-allowed-balanced-tags |
b, i, blockquote, pre, ul, ol, li |
A comma-separated list of tags (balanced meaning there is a start and end tag) that you would like to allow. |
| plugin-xss-filter-allowed-unbalanced-tags |
br |
A comma-separated list of tags (unbalanced meaning there only a single tag) that you would like to allow. |
| plugin-xss-filter-allow-links |
true |
true or false indicates whether or not you would like to allow <a href="...">some site</a> links. |
| plugin-xss-filter-process-entries |
false |
true or false indicates whether or not you want the XSS filter to process blog entry text. |
Usage
Context Attributes and Types
The following table describes the context attributes that are available and their associated type.
| Context key |
Type |
Description |
| XSS_FILTER_ALLOWED_BALANCED_TAGS |
String[] |
Array of strings containing the list of allowed balanced tags. |
| XSS_FILTER_ALLOWED_UNBALANCED_TAGS |
String[] |
Array of strings containing the list of allowed unbalanced tags. |
| XSS_FILTER_ALLOW_LINKS |
Boolean |
Boolean value indicating whether or not links are allowed. |
Usage
