2 Usage - Reference Documentation
Authors: Sudhir Nimavat
Version: 0.1
2 Usage
The plugin adds a cleanHtml(String unsafe, String whitelist) method to every controller. The method cleans and sanitizes unsafe, user-entered HTML against the given whitelist. See Whitelist to learn more about whitelists.
cleanHtml()
Let's say you have a form with a text area, but you don't want to allow any HTML. You can clean the user-supplied text with the none whitelist, and it will strip out all the HTML.
    class FooController {
        def save = {
            // Strip every tag from the submitted text before using it
            String cleaned = cleanHtml(params.textArea, 'none')
        }
    }
    def cleaned = cleanHtml(unsafe, 'basic')
- none
- simpleText
- basic
- basicWithImages
- relaxed
htmlCleaner bean
The plugin makes a Spring bean named htmlCleaner available. htmlCleaner provides a cleanHtml() method with the same signature as the dynamic method available in controllers.
Using htmlCleaner inside a service
    class FooService {
        // Injected by Spring by name
        def htmlCleaner

        def foo(String unsafe) {
            // Strip every tag from the untrusted input
            String cleaned = htmlCleaner.cleanHtml(unsafe, 'none')
        }
    }
<hc:cleanHtml /> tag
Example
    <hc:cleanHtml unsafe="${domainInstance.description}" whitelist="basic"/>
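Putting the htmlCleaner bean and the whitelist names together, the following added example (not part of the plugin's documentation) cleans each submitted field against its own whitelist before the data reaches a domain object, and ignores any field that has no whitelist assigned. The Comment domain class, its author, title and body fields, CommentService, CommentController and cleanParams are hypothetical names, and skipping null values before calling cleanHtml() is an assumption of this example.

```groovy
// Added example: Comment, CommentService, CommentController and the
// field names are hypothetical and not defined by the plugin.
class CommentService {

    // Bean provided by the plugin, injected by Spring by name
    def htmlCleaner

    // One whitelist per accepted field. A field that is not listed here
    // is never copied from the request.
    static final Map<String, String> FIELD_WHITELISTS = [
        author: 'none',   // single-line plain text, no markup at all
        title : 'none',
        body  : 'basic'   // rich text limited to the basic whitelist
    ]

    Map cleanParams(Map params) {
        FIELD_WHITELISTS.collectEntries { field, whitelist ->
            def raw = params[field]
            // Assumption: absent fields are passed through as null and
            // left for domain validation instead of being cleaned
            def cleaned = (raw == null) ? null :
                    htmlCleaner.cleanHtml(raw.toString(), whitelist)
            [(field): cleaned]
        }
    }
}

class CommentController {

    def commentService

    def save = {
        // Bind only the cleaned, explicitly listed fields
        def comment = new Comment(commentService.cleanParams(params))
        if (comment.save()) {
            redirect(action: 'show', id: comment.id)
        } else {
            render(view: 'create', model: [commentInstance: comment])
        }
    }
}
```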