TechQA.

SafeHtml with BASIC whiteListType fails on link with rel=nofollow

511 views Asked by At

suppose, i have some field where i want to allow only some basic html, like bold or paragraph or even a link:

@SafeHtml(whitelistType = SafeHtml.WhiteListType.BASIC, message = Constants.HTML_IS_NOT_ALLOWED)
private String body;

hibernate documentation says next for basic white list:

    /**
     * This whitelist allows a fuller range of text nodes:
     * <code>a, b, blockquote, br, cite, code, dd, dl, dt, em, i, li, ol, p, pre, q, small, strike, strong, sub, sup, u, ul</code>
     * , and appropriate attributes.
     * <p/>
     * Links (<code>a</code> elements) can point to <code>http, https, ftp, mailto</code>, and have an enforced
     * <code>rel=nofollow</code> attribute.
     * <p/>
     * Does not allow images.
     */

according to it, validator should allow link with nofollow attribute, for example

<a href="http://stackoverflow.com/" rel="nofollow">stackoverflow</a>

but validation still fails, why?

java hibernate validation hibernate-validator whitelist
Original Q&A
0

There are 0 answers

Related Questions in JAVA

Related Questions in HIBERNATE

Related Questions in VALIDATION

Related Questions in HIBERNATE-VALIDATOR

Related Questions in WHITELIST

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions