Package ca.uhn.fhir.rest.server.util
Class NarrativeUtil
java.lang.Object
ca.uhn.fhir.rest.server.util.NarrativeUtil
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| static org.hl7.fhir.utilities.xhtml.XhtmlNode | sanitize(org.hl7.fhir.utilities.xhtml.XhtmlNode theNode) | This method accepts an Xhtml (generally a narrative) and sanitizes it, removing unsafe elements. |
| static String | sanitizeHtmlFragment(String theHtml) | This method accepts an Xhtml (generally a narrative) and sanitizes it, removing unsafe elements. |
Method Details
sanitizeHtmlFragment
This method accepts an Xhtml (generally a narrative) and sanitizes it, removing unsafe elements. This method leverages the OWASP Java HTML Sanitizer to perform this task. The policy allows the following:
- Block tags are allowed
- Tables are allowed
- Basic styles are allowed but any styles considered unsafe are removed from the document (e.g. any style declarations that could be used to load external content)
- Attributes considered safe are allowed
- Any links (<a href="....") are removed although any text inside the link is retained
- All other elements and attributes are removed
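The policy listed above can be checked against a constructed narrative before relying on it for untrusted input. This is an added example, not code from the HAPI FHIR project: it assumes the HAPI FHIR module that provides NarrativeUtil is on the classpath, and the class name NarrativeSanitizeCheck, the require helper and the sample HTML are made up for illustration.

```java
import ca.uhn.fhir.rest.server.util.NarrativeUtil;

// Added example: verifies the documented sanitization policy on a constructed
// narrative. Assumes the HAPI FHIR module containing NarrativeUtil is available.
public class NarrativeSanitizeCheck {

    // Constructed sample input, not taken from any real resource.
    static final String UNTRUSTED_NARRATIVE =
        "<div>"
        + "<p onclick=\"track()\">Allergy list</p>"
        + "<table><tr><td>Penicillin</td></tr></table>"
        + "<a href=\"https://example.org/x\">full record</a>"
        + "<script>track()</script>"
        + "</div>";

    // Explicit check so the result does not depend on the JVM -ea flag.
    static void require(boolean condition, String message) {
        if (!condition) {
            throw new IllegalStateException("Sanitizer policy check failed: " + message);
        }
    }

    public static void main(String[] args) {
        String clean = NarrativeUtil.sanitizeHtmlFragment(UNTRUSTED_NARRATIVE);
        String lower = clean.toLowerCase();

        // Block tags and tables are allowed by the policy.
        require(lower.contains("<table"), "table should be kept");
        require(clean.contains("Penicillin"), "table cell text should be kept");
        require(clean.contains("Allergy list"), "paragraph text should be kept");

        // Links are removed, but the text inside them is retained.
        require(!lower.contains("<a "), "anchor element should be removed");
        require(!lower.contains("href"), "href attribute should be removed");
        require(clean.contains("full record"), "link text should be retained");

        // All other elements and attributes are removed.
        require(!lower.contains("<script"), "script element should be removed");
        require(!lower.contains("onclick"), "event handler attribute should be removed");

        // Print the sanitized fragment for manual inspection.
        System.out.println(clean);
    }
}
```

Running a check like this in the build catches a dependency upgrade that changes what the sanitizer lets through.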
sanitize
public static org.hl7.fhir.utilities.xhtml.XhtmlNode sanitize(org.hl7.fhir.utilities.xhtml.XhtmlNode theNode)
This method accepts an Xhtml (generally a narrative) and sanitizes it, removing unsafe elements. This method leverages the OWASP Java HTML Sanitizer to perform this task. The policy allows the following:
- Block tags are allowed
- Tables are allowed
- Basic styles are allowed but any styles considered unsafe are removed from the document (e.g. any style declarations that could be used to load external content)
- Attributes considered safe are allowed
- Any links (<a href="....") are removed although any text inside the link is retained
- All other elements and attributes are removed