CssScanner (OWASP AntiSamy 1.5.3 API)

java.lang.Object
- org.owasp.validator.css.CssScanner

Direct Known Subclasses:

ExternalCssScanner
```
public class CssScanner
extends Object
```
Encapsulates the parsing and validation of a CSS stylesheet or inline declaration. To make use of this class, instantiate the scanner with the desired policy and call either scanInlineSheet() or scanStyleSheet as appropriate.

Author:

Jason Li

See Also:
scanInlineStyle(String, String, int), scanStyleSheet(String, int)

Field Summary

Fields
Modifier and Type	Field and Description
`protected static int`	`DEFAULT_TIMEOUT`
`protected ResourceBundle`	`messages` The message bundled to pull error messages from.
`protected org.apache.batik.css.parser.Parser`	`parser` The parser to be used in any scanning
`protected InternalPolicy`	`policy` The policy file to be used in any scanning

Constructor Summary

Constructors
Constructor and Description

CssScanner(InternalPolicy policy, ResourceBundle messages)
Constructs a scanner based on the given policy.

Constructors
Constructor and Description
`CssScanner(InternalPolicy policy, ResourceBundle messages)` Constructs a scanner based on the given policy.

Method Summary

Methods
Modifier and Type	Method and Description
`static void`	`main(String[] args)` Deprecated.
`protected void`	`parseImportedStylesheets(LinkedList stylesheets, CssHandler handler, List<String> errorMessages, int sizeLimit)` Parses through a `LinkedList` of imported stylesheet URIs, this method parses through those stylesheets and validates them
`CleanResults`	`scanInlineStyle(String taintedCss, String tagName, int sizeLimit)` Scans the contents of an inline style declaration (ex.
`CleanResults`	`scanStyleSheet(String taintedCss, int sizeLimit)` Scans the contents of a full stylesheet (ex.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_TIMEOUT
```
protected static final int DEFAULT_TIMEOUT
```
    See Also:
    Constant Field Values
  - parser
```
protected final org.apache.batik.css.parser.Parser parser
```
    The parser to be used in any scanning
  - policy
```
protected final InternalPolicy policy
```
    The policy file to be used in any scanning
  - messages
```
protected final ResourceBundle messages
```
    The message bundled to pull error messages from.
- Constructor Detail
  - CssScanner
```
public CssScanner(InternalPolicy policy,
          ResourceBundle messages)
```
    Constructs a scanner based on the given policy.
    
    Parameters:
    policy - the policy to follow when scanning
- Method Detail
  - scanStyleSheet
```
public CleanResults scanStyleSheet(String taintedCss,
                          int sizeLimit)
                            throws ScanException
```
    Scans the contents of a full stylesheet (ex. a file based stylesheet or the complete stylesheet contents as declared within <style> tags)
    
    Parameters:
    taintedCss - a String containing the contents of the CSS stylesheet to validate
    sizeLimit - the limit on the total size in bytes of any imported stylesheets
    
    Returns:
    a CleanResuts object containing the results of the scan
    
    Throws:
    
    ScanException - if an error occurs during scanning
  - scanInlineStyle
```
public CleanResults scanInlineStyle(String taintedCss,
                           String tagName,
                           int sizeLimit)
                             throws ScanException
```
    Scans the contents of an inline style declaration (ex. in the style attribute of an HTML tag) and validates the style sheet according to this CssScanner's policy file.
    
    Parameters:
    taintedCss - a String containing the contents of the CSS stylesheet to validate
    tagName - the name of the tag for which this inline style was declared
    sizeLimit - the limit on the total size in bites of any imported stylesheets
    
    Returns:
    a CleanResuts object containing the results of the scan
    
    Throws:
    
    ScanException - if an error occurs during scanning
  - parseImportedStylesheets
```
protected void parseImportedStylesheets(LinkedList stylesheets,
                            CssHandler handler,
                            List<String> errorMessages,
                            int sizeLimit)
                                 throws ScanException
```
    Parses through a LinkedList of imported stylesheet URIs, this method parses through those stylesheets and validates them
    
    Parameters:
    stylesheets - the LinkedList of stylesheet URIs to parse
    handler - the CssHandler to use for parsing
    errorMessages - the list of error messages to append to
    sizeLimit - the limit on the total size in bites of any imported stylesheets
    
    Throws:
    
    ScanException - if an error occurs during scanning
  - main
```
public static void main(String[] args)
                 throws Exception
```
    Deprecated.
    
    Test method to demonstrate CSS scanning.
    
    Parameters:
    args - unused
    
    Throws:
    
    Exception - if any error occurs

Class CssScanner

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_TIMEOUT

parser

policy

messages

Constructor Detail

CssScanner

Method Detail

scanStyleSheet

scanInlineStyle

parseImportedStylesheets

main