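package me.test;

import java.io.IOException;
import java.io.InputStream;

import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.CleanResults;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

/**
 * Minimal demonstration of sanitising untrusted HTML with OWASP AntiSamy.
 *
 * <p>The policy file decides which tags, attributes and CSS properties survive the scan,
 * so the printed result depends on the policy that is loaded.
 */
public class AntiSamyDemo {

    /** Classpath resource (resolved relative to this class's package) holding the policy. */
    private static final String POLICY_RESOURCE = "antisamy-ebay-1.4.4.xml";

    /**
     * Loads the policy, scans a fixed sample of hostile markup and prints the cleaned HTML.
     *
     * @param args unused
     * @throws PolicyException if the policy file cannot be parsed
     * @throws IOException     if the policy resource is missing or cannot be read
     * @throws ScanException   if the scan itself fails
     */
    public static void main(String[] args) throws PolicyException, IOException, ScanException {
        Policy policy;
        // try-with-resources: the policy stream was never closed in the original listing.
        try (InputStream policyIn = AntiSamyDemo.class.getResourceAsStream(POLICY_RESOURCE)) {
            // getResourceAsStream returns null when the resource is absent; fail with a clear
            // message instead of handing null to the policy loader.
            if (policyIn == null) {
                throw new IOException("Policy resource not found on classpath: " + POLICY_RESOURCE);
            }
            policy = Policy.getInstance(policyIn);
        }

        AntiSamy as = new AntiSamy();

        // Sample input: a script element, an anchor carrying an inline event handler and a
        // z-index style, an iframe with a javascript: URL, and an unknown element.
        String dirtyInput = "<script>alert(1)</script>"
                + "<a href='#bb' style='z-index:999; width:100%;' onclick='xxx'>aa</a>"
                + "<iframe src='javascript:xxx'></iframe>"
                + "<xxx>xxx</xxx>";

        // Output recorded by the original author with this policy file:
        //   <a href="#bb" style="width: 100.0%;">aa</a> xxx
        // The script element, the onclick handler, the z-index declaration, the iframe and the
        // unknown tag are gone. A different policy or AntiSamy version may give a different
        // result, so confirm the output after any policy or library change.
        CleanResults cr = as.scan(dirtyInput, policy, AntiSamy.SAX);

        // CleanResults also exposes getErrorMessages(), which lists what the scan rejected;
        // logging those is useful for spotting injection attempts. This demo prints only the
        // cleaned markup.
        String cleanResult = cr.getCleanHTML();
        System.out.println(cleanResult);
    }
}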