Show Navigation

xss-sanitizer

This plugin uses OWASP ESAPI library to sanitize request parameters. This reduces the risk of dangerous XSS request parameters possibly being rendered on the client.

Owner: rpalcolea | 1.0.0 | Aug 22, 2016 | Package | Issues | Source | License: Apache-2.0


dependencies {
    compile 'org.grails.plugins:xss-sanitizer:1.0.0'
}

            

grails-xss-sanitizer

Build Status Download Slack Signup

Grails 3 plugin for sanitizing XSS from the user input. This is a port of the Grails 2.x version by @tonyzampogna (Tony Zampogna) https://github.com/tonyzampogna/XssSanitizer

This plugin uses OWASP ESAPI library to sanitize request parameters. This reduces the risk of dangerous XSS request parameters possibly being rendered on the client.

Installation

Add the following dependencies in build.gradle

dependencies {
...
    compile 'org.grails.plugins:grails-xss-sanitizer:1.0.+'
...
}

Description

This plugin will add the automatic ability to strip / clean out unwanted XSS code in the browser. The plugin strips code that comes in via the request object. Also, any Servlets will use an extend HttpServletRequest so that request parameters used from that servlet will be stripped as well.

Just adding this plugin to you project with the installation instructions above and adding the following Config will activate it:

	xssSanitizer:
	     enabled: true

There is an XssSanitizerUtil class that can also be used to strip strings out.

Sponsors

Alt text

YourKit supports open source projects with its full-featured Java Profiler. YourKit, LLC is the creator of YourKit Java Profiler and YourKit .NET Profiler, innovative and intelligent tools for profiling Java and .NET applications.