
@bardware
Created April 18, 2018 17:13
<!---
	jsoup HTML sanitizer experiments, driven from CFML.
	Each cfdump renders the result of Jsoup.clean() for one sample input and one
	allow-list configuration, so the effect of each setting can be compared.
	Newer jsoup releases name the allow-list class Safelist instead of Whitelist.
--->
<cfset oJSOUP = CreateObject("java", "org.jsoup.Jsoup" )>
<!--- init() runs the no-arg constructor. The instance is only used below as a handle
	for calling relaxed(), a static factory that returns a fresh allow-list on every call,
	so the customisations made for one experiment do not carry over into the next. --->
<cfset oJSOUPWL = CreateObject("java", "org.jsoup.safety.Whitelist" ).init()>

<!--- Inspect the Java objects themselves (collapsed by default). --->
<cfdump var="#oJSOUP#" expand="false">
<cfdump var="#oJSOUPWL#" expand="false">
<cfdump var="#oJSOUPWL.relaxed()#" expand="false">

<!--- Shared sample input: a relative link wrapping an absolute image URL. --->
<cfset sLinkedImage = '<a href="link.html"><img src="http://example.com/bild.gif"></a>'>
<cfset sBaseUri = "http://example.com/">

<!---
	Experiment 1: clean() without a base URI, on a relaxed list with extra attributes
	and with the URL protocol restrictions on a[href] and img[src] removed.
	NOTE(review): the protocols removed here appear to be all the ones relaxed() registers
	for these two attributes. jsoup documents that an attribute with every protocol removed
	accepts ANY protocol, so this configuration would also let javascript: or data: URLs
	through. Presumably done to keep the relative href without a base URI; experiment 2
	shows the safer way. Do not reuse this list for untrusted input; confirm against the
	jsoup version in use.
	NOTE(review): "styles" is not an HTML attribute; if "style" was intended, allowing it
	would let inline CSS through the sanitizer.
--->
<cfset oUnrestrictedUrls = oJSOUPWL.relaxed()>
<cfset oUnrestrictedUrls.addAttributes("a", ["href", "class"] )>
<cfset oUnrestrictedUrls.addAttributes("img", ["src", "class", "styles", "width", "height"] )>
<cfset oUnrestrictedUrls.removeProtocols("a", "href", ["ftp", "http", "https", "mailto"])>
<cfset oUnrestrictedUrls.removeProtocols("img", "src", ["http", "https"])>
<cfdump var="#oJSOUP.clean(sLinkedImage, oUnrestrictedUrls)#">

<!---
	Experiment 2: same input, but with a base URI and preserveRelativeLinks(true).
	The protocol restrictions of the relaxed list stay in place; the base URI is what
	lets jsoup validate the relative href while still emitting it as written.
--->
<cfset oKeepRelative = oJSOUPWL.relaxed()>
<cfset oKeepRelative.preserveRelativeLinks(true)>
<cfdump var="#oJSOUP.clean(sLinkedImage, sBaseUri, oKeepRelative)#">

<!---
	Experiment 3: input shaped to break out of a surrounding textarea and to carry an
	iframe with an event handler. The dump shows what the relaxed list leaves of it;
	neither element is added to the list here, so the expectation is that both are dropped.
--->
<cfset sTextareaBreakout = '</textarea><iframe src=test.html onLoad=javascript:alert(1)></iframe><textarea>'>
<cfset oKeepRelativeAgain = oJSOUPWL.relaxed()>
<cfset oKeepRelativeAgain.preserveRelativeLinks(true)>
<cfdump var="#oJSOUP.clean(sTextareaBreakout, sBaseUri, oKeepRelativeAgain)#">

<!--- Experiment 4: feed a non-string database value (plus a NULL column) through clean(). --->
<cfquery datasource="#Application.datasource#" name="qryNull">
SELECT null a, 1241 b
FROM dual
</cfquery>
<!--- Assigned but not read anywhere in the lines shown here. --->
<cfset strHTML = 1241>
<!--- clean() takes a java.lang.String, so the numeric column is cast explicitly first. --->
<cfset sColumnB = javaCast( "string", qryNull.b[ 1 ] )>
<cfset oKeepRelativeForDb = oJSOUPWL.relaxed()>
<cfset oKeepRelativeForDb.preserveRelativeLinks(true)>
<cfdump var="#oJSOUP.clean( sColumnB, sBaseUri, oKeepRelativeForDb)#">