【发布时间】:2020-02-08 00:29:14
【问题描述】:
我有一个基于 Java 的后端,我在其中使用 Hibernate 进行一些更具体的 bean 验证,即:@SafeHtml。它可以很好地满足我 99% 的需求,但是,我有一部分允许用户输入基本的 HTML 来创建自己的页眉/页脚。因此,我在这里需要减少限制。
由于某种原因,我的代码中有些地方不对劲。我收到 400 错误请求。我真的很感激任何帮助。提前谢谢!
HTML:
<table bgcolor="navy" cellpadding="0" cellspacing="0" border="0" height="60" width="600" style="border-collapse:collapse;">
<tr>
<td>
<div style="display:none;font-size:1px;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;mso-hide:all;font-family: sans-serif;">
</div>
<table align="left" width="600" class="email-container" cellpadding="0" cellspacing="0" border="0">
<tr>
<td style="padding: 20px 10px;width: 100%;font-size: 12px; mso-height-rule: exactly; line-height:14px; text-align: center; color: #CCCCCC;">
© HELLO WORLD All rights reserved - <a href="https://www.someUrl" style="color: #CCCCCC" target="new" rel="noopener noreferrer">Privacy Policy GK</a>
</td>
</tr>
</table>
</td>
</tr>
</table>
Java:
@SafeHtml(whitelistType = SafeHtml.WhiteListType.RELAXED,
additionalTags = {"html", "tr", "body", "b", "i", "table", "td", "center", "div", "a", "img", "font"},
additionalTagsWithAttributes = {
//@SafeHtml.Tag(name = "a", attributesWithProtocols = @SafeHtml.Attribute(name = "href", protocols = "#")),
@SafeHtml.Tag(name = "a", attributes = {"href"}),
@SafeHtml.Tag(name = "body", attributes = {"bgcolor", "width", "style"}),
@SafeHtml.Tag(name = "table", attributes = {"align", "bgcolor", "cellpadding", "cellspacing", "border", "height", "width", "style", "color", "class"}),
@SafeHtml.Tag(name = "td", attributes = {"style", "align", "bgcolor"}),
@SafeHtml.Tag(name = "font", attributes = {"face"}),
@SafeHtml.Tag(name = "img", attributes = {"src", "width", "height", "alt", "border"}),
@SafeHtml.Tag(name = ":all", attributes = {"style", "dir", "checked", "class", "id", "target", "title", "type"})
})
【问题讨论】:
标签: java spring hibernate jsoup