Java Hibernate Validator @SafeHtml 无法允许自定义 HTML 标签和属性


我有一个基于 Java 的后端,其中使用 Hibernate 做一些更具体的 bean 校验,即 @SafeHtml。它能满足我 99% 的需求,但有一个功能允许用户输入基本的 HTML 来创建自己的页眉/页脚,因此我需要在这里放宽限制。

由于某种原因,我的代码有些地方不对:请求返回了 400 Bad Request(错误请求)。非常感谢任何帮助,先谢谢了!

HTML:


©HELLO WORLD版权所有-
Java:
@SafeHtml(whitelistType = SafeHtml.WhiteListType.RELAXED,
        additionalTags = {"html", "tr", "body", "b", "i", "table", "td", "center", "div", "a", "img", "font"},
        additionalTagsWithAttributes = {
                //@SafeHtml.Tag(name = "a", attributesWithProtocols = @SafeHtml.Attribute(name = "href", protocols = "#")),
                @SafeHtml.Tag(name = "a", attributes = {"href"}),
                @SafeHtml.Tag(name = "body", attributes = {"bgcolor", "width", "style"}),
                @SafeHtml.Tag(name = "table", attributes = {"align", "bgcolor", "cellpadding", "cellspacing", "border", "height", "width", "style", "color", "class"}),
                @SafeHtml.Tag(name = "td", attributes = {"style", "align", "bgcolor"}),
                @SafeHtml.Tag(name = "font", attributes = {"face"}),
                @SafeHtml.Tag(name = "img", attributes = {"src", "width", "height", "alt", "border"}),
                @SafeHtml.Tag(name = ":all", attributes = {"style", "dir", "checked", "class", "id", "target", "title", "type"})
        })
您的白名单没有允许 “a” 标签使用 “rel” 属性,而提交的 HTML 中的链接带有 rel 属性,所以校验失败。请改为:

@SafeHtml.Tag(name = "a", attributes = {"href", "rel"}),
这样就可以通过校验了。

完整的测试源码:

package org.example;

import static org.junit.Assert.assertTrue;

import org.hibernate.validator.constraints.SafeHtml;
import org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator;
import org.junit.Test;

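/**
 * Checks the loosened {@code @SafeHtml} allow-list used for user-authored header/footer markup.
 *
 * <p>The annotation sits on the test class only so that it can be read back reflectively and
 * handed to {@link SafeHtmlValidator}; in the application it would sit on the validated field.
 *
 * <p>Security notes for whoever copies this allow-list:
 * <ul>
 *   <li>The validator only answers accept/reject ({@code isValid} returns a boolean). It does not
 *       rewrite the value, so the markup is stored exactly as submitted and still needs
 *       context-appropriate handling wherever it is rendered.</li>
 *   <li>{@code style} is allowed on every element through {@code ":all"}. The allow-list names
 *       attributes; presumably the CSS inside the value is not inspected (confirm against the
 *       jsoup version in use). Arbitrary inline CSS lets an author restyle or overlay other parts
 *       of the page, so consider dropping {@code style} or filtering CSS separately.</li>
 *   <li>{@code id} and {@code class} are allowed on every element, so user markup can reuse ids
 *       and class names the host page relies on. Render it in an isolated container if
 *       possible.</li>
 *   <li>{@code target} is allowed globally; links opened in a new browsing context should keep
 *       {@code rel="noopener noreferrer"}, which is why {@code rel} has to be allow-listed on
 *       {@code a}.</li>
 *   <li>NOTE(review): {@code SafeHtmlValidator} lives in an {@code internal} package and
 *       {@code @SafeHtml} was deprecated in later Hibernate Validator releases and then removed.
 *       Plan a migration to a dedicated HTML sanitizer rather than extending this further.</li>
 * </ul>
 */
@SafeHtml(whitelistType = SafeHtml.WhiteListType.RELAXED,
        // Several of these (e.g. "a", "b", "table") are presumably already part of RELAXED; listing
        // them again is harmless. "html", "body", "center" and "font" look like the real additions.
        additionalTags = {"html", "tr", "body", "b", "i", "table", "td", "center", "div", "a", "img", "font"},
        additionalTagsWithAttributes = {
                //@SafeHtml.Tag(name = "a", attributesWithProtocols = @SafeHtml.Attribute(name = "href", protocols = "#")),
                // "rel" must be listed: the sample anchor carries rel="noopener noreferrer" and any
                // attribute that is not allow-listed makes the whole value invalid.
                @SafeHtml.Tag(name = "a", attributes = {"href", "rel"}),
                @SafeHtml.Tag(name = "body", attributes = {"bgcolor", "width", "style"}),
                @SafeHtml.Tag(name = "table", attributes = {"align", "bgcolor", "cellpadding", "cellspacing", "border", "height", "width", "style", "color", "class"}),
                @SafeHtml.Tag(name = "td", attributes = {"style", "align", "bgcolor"}),
                @SafeHtml.Tag(name = "font", attributes = {"face"}),
                @SafeHtml.Tag(name = "img", attributes = {"src", "width", "height", "alt", "border"}),
                // Applies to every allowed element; see the class comment for the style/id caveats.
                @SafeHtml.Tag(name = ":all", attributes = {"style", "dir", "checked", "class", "id", "target", "title", "type"})
        })
public class Q60122842Test
{
    /**
     * The footer markup from the question, including the {@code rel} attribute on the link, must
     * be accepted by the configured allow-list.
     */
    @Test
    public void isValid()
    {
        String value = " <table bgcolor=\"navy\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" height=\"60\" width=\"600\" style=\"border-collapse:collapse;\">\n" +
                "    <tr>\n" +
                "      <td>\n" +
                "          <div style=\"display:none;font-size:1px;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;mso-hide:all;font-family: sans-serif;\">\n" +
                "          </div>\n" +
                "          <table align=\"left\" width=\"600\" class=\"email-container\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">\n" +
                "            <tr>\n" +
                "              <td style=\"padding: 20px 10px;width: 100%;font-size: 12px; mso-height-rule: exactly; line-height:14px; text-align: center; color: #CCCCCC;\">\n" +
                "                © HELLO WORLD All rights reserved - <a href=\"https://www.someUrl\" style=\"color: #CCCCCC\" target=\"new\" rel=\"noopener noreferrer\">Privacy Policy GK</a>\n" +
                "              </td>\n" +
                "            </tr>\n" +
                "          </table>\n" +
                "      </td>\n" +
                "    </tr>\n" +
                "  </table>";

        // The constraint validator context is not needed for this check, hence null.
        assertTrue(newValidator().isValid(value, null));
    }

    /**
     * Loosening the allow-list must not let script elements through: a test that only asserts
     * acceptance would keep passing even if the list were widened too far.
     */
    @Test
    public void rejectsScriptElement()
    {
        String value = "<p>footer</p><script></script>";

        assertTrue("script must stay outside the allow-list", !newValidator().isValid(value, null));
    }

    /**
     * Event-handler attributes are not on the allow-list and must make the value invalid.
     */
    @Test
    public void rejectsEventHandlerAttribute()
    {
        String value = "<a href=\"https://www.someUrl\" onclick=\"\">Privacy Policy GK</a>";

        assertTrue("onclick must stay outside the allow-list", !newValidator().isValid(value, null));
    }

    /** Builds a validator initialised from the {@code @SafeHtml} annotation on this class. */
    private static SafeHtmlValidator newValidator()
    {
        SafeHtml annotation = Q60122842Test.class.getAnnotation(SafeHtml.class);
        SafeHtmlValidator validator = new SafeHtmlValidator();
        validator.initialize( annotation );
        return validator;
    }
}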
package org.example;
导入静态org.junit.Assert.assertTrue;
导入org.hibernate.validator.constraints.SafeHtml;
导入org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator;
导入org.junit.Test;
@SafeHtml(whitelistType=SafeHtml.whitelistType.Released,
附加标签={“html”、“tr”、“body”、“b”、“i”、“table”、“td”、“center”、“div”、“a”、“img”、“font”},
附加标记表示敬意={
//@Tag(name=“a”,attributesWithProtocols=@SafeHtml.Attribute(name=“href”,protocols=“#”),
@Tag(name=“a”,attributes={“href”,“rel”}),
@Tag(name=“body”,attributes={“bgcolor”,“width”,“style”}),
@Tag(name=“table”,attributes={“align”,“bgcolor”,“cellpadding”,“cellspacking”,“border”,“height”,“width”,“style”,“color”,“class”}),
@Tag(name=“td”,attributes={“style”,“align”,“bgcolor”}),
@Tag(name=“font”,attributes={“face”}),
@Tag(name=“img”,attributes={“src”,“width”,“height”,“alt”,“border”}),
@Tag(name=“:all”,attributes={“style”,“dir”,“checked”,“class”,“id”,“target”,“title”,“type”})
})
公共类Q60122842测试
{
@试验
public void isValid()
{
字符串值=“\n”+
“\n”+
“\n”+
“\n”+
“\n”+
“\n”+
“\n”+
“\n”+
“©HELLO WORLD版权所有-\n”+
“\n”+
“\n”+
“\n”+
“\n”+
“\n”+
"  ";
SafeHtml注释=Q60122842Test.class.getAnnotation(SafeHtml.class);
SafeThMLValidator validator=新的SafeThMLValidator();
初始化(注释);
assertTrue(validator.isValid(值,null));
}
}
package org.example;

import static org.junit.Assert.assertTrue;

import org.hibernate.validator.constraints.SafeHtml;
import org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator;
import org.junit.Test;

/**
 * Verifies that the footer markup from the question passes the {@code @SafeHtml} constraint once
 * {@code rel} is allow-listed on {@code a}.
 *
 * <p>The annotation is placed on the test class so that it can be fetched reflectively and passed
 * to the validator. The validator only reports accept/reject; it does not alter the value.
 *
 * <p>NOTE(review): {@code style}, {@code id}, {@code class} and {@code target} are allowed on
 * every element via {@code ":all"}. Presumably attribute values such as inline CSS are not
 * inspected (confirm), so this list is considerably more permissive than the RELAXED base.
 */
@SafeHtml(
        whitelistType = SafeHtml.WhiteListType.RELAXED,
        additionalTags = {
                "html", "tr", "body", "b", "i", "table", "td", "center", "div", "a", "img", "font"
        },
        additionalTagsWithAttributes = {
                //@SafeHtml.Tag(name = "a", attributesWithProtocols = @SafeHtml.Attribute(name = "href", protocols = "#")),
                // "rel" is what the question's configuration was missing.
                @SafeHtml.Tag(name = "a", attributes = {"href", "rel"}),
                @SafeHtml.Tag(name = "body", attributes = {"bgcolor", "width", "style"}),
                @SafeHtml.Tag(
                        name = "table",
                        attributes = {
                                "align", "bgcolor", "cellpadding", "cellspacing", "border",
                                "height", "width", "style", "color", "class"
                        }),
                @SafeHtml.Tag(name = "td", attributes = {"style", "align", "bgcolor"}),
                @SafeHtml.Tag(name = "font", attributes = {"face"}),
                @SafeHtml.Tag(name = "img", attributes = {"src", "width", "height", "alt", "border"}),
                // Attributes permitted on every allowed element.
                @SafeHtml.Tag(
                        name = ":all",
                        attributes = {"style", "dir", "checked", "class", "id", "target", "title", "type"})
        })
public class Q60122842Test
{
    /**
     * Feeds the sample footer to a validator configured from this class's annotation and expects
     * it to be accepted.
     */
    @Test
    public void isValid()
    {
        // Same text as a "\n"-terminated concatenation: the lines are joined with "\n" and the
        // last line has no trailing newline.
        String footerHtml = String.join("\n",
                " <table bgcolor=\"navy\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" height=\"60\" width=\"600\" style=\"border-collapse:collapse;\">",
                "    <tr>",
                "      <td>",
                "          <div style=\"display:none;font-size:1px;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;mso-hide:all;font-family: sans-serif;\">",
                "          </div>",
                "          <table align=\"left\" width=\"600\" class=\"email-container\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">",
                "            <tr>",
                "              <td style=\"padding: 20px 10px;width: 100%;font-size: 12px; mso-height-rule: exactly; line-height:14px; text-align: center; color: #CCCCCC;\">",
                "                © HELLO WORLD All rights reserved - <a href=\"https://www.someUrl\" style=\"color: #CCCCCC\" target=\"new\" rel=\"noopener noreferrer\">Privacy Policy GK</a>",
                "              </td>",
                "            </tr>",
                "          </table>",
                "      </td>",
                "    </tr>",
                "  </table>");

        SafeHtmlValidator safeHtmlValidator = new SafeHtmlValidator();
        safeHtmlValidator.initialize(Q60122842Test.class.getAnnotation(SafeHtml.class));

        // No constraint validator context is supplied; the check runs with null.
        boolean accepted = safeHtmlValidator.isValid(footerHtml, null);
        assertTrue(accepted);
    }
}