HTML filtering utility for protecting against XSS (Cross Site Scripting).
This code is licensed LGPLv3
This code is a Java port of the original work in PHP by Cal Hendersen.
The trickiest part of the translation was handling the differences in regex handling
between PHP and Java. These resources were helpful in the process:
A note on naming conventions: instance variables are prefixed with a "v"; global
constants are in all caps.
String input = ...
String clean = new HTMLFilter().filter( input );
The class is not thread safe. Create a new instance if in doubt.
If you find bugs or have suggestions on improvement (especially regarding
performance), please contact us. The latest version of this
source, and our contact details, can be found at http://xss-html-filter.sf.net
Joseph O'Connell, Cal Hendersen, Michael Semb Wever