AttributePolicy (OWASP Java HTML Sanitizer r88 API)

All Known Implementing Classes:

FilterUrlByProtocolAttributePolicy
```
public interface AttributePolicy
```
A policy that can be applied to an HTML attribute to decide whether or not to allow it in the output, possibly after transforming its value.

Author:

Mike Samuel

See Also:

HtmlPolicyBuilder.AttributeBuilder.matching(AttributePolicy)

Nested Class Summary

Nested Classes
Modifier and Type Interface Description

static class AttributePolicy.Util
Utilities for working with attribute policies.

Field Summary

Fields
Modifier and Type Field Description

static AttributePolicy IDENTITY_ATTRIBUTE_POLICY

static AttributePolicy REJECT_ALL_ATTRIBUTE_POLICY

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`java.lang.String`	`apply(java.lang.String elementName, java.lang.String attributeName, java.lang.String value)`

- Field Detail
  - IDENTITY_ATTRIBUTE_POLICY
```
static final AttributePolicy IDENTITY_ATTRIBUTE_POLICY
```
  - REJECT_ALL_ATTRIBUTE_POLICY
```
static final AttributePolicy REJECT_ALL_ATTRIBUTE_POLICY
```
- Method Detail
  - apply
```
@Nullable
java.lang.String apply(java.lang.String elementName,
                       java.lang.String attributeName,
                       java.lang.String value)
```
    Parameters:
    
    elementName - the lower-case element name.
    
    attributeName - the lower-case attribute name.
    
    value - the attribute value without quotes and with HTML entities decoded.
    
    Returns:
    
    null to disallow the attribute or the adjusted value if allowed.