Monday, July 30, 2012

Halting the spread of socially transmitted diseases

by Mike Samuel

Social websites are making it easier than ever to share content, but promiscuous sharing of HTML not only helps teenagers find an outlet for pent-up creative energy -- it also provides an easy vector for internet worms.  Sandboxes like Caja and HTML5's "sandbox" attribute allow safe embedding of dynamic HTML, but they suffer from limited availability, lack flexibility, or require significant work to integrate.

OWASP's HTML Sanitizer for Java is a flexible, easy to deploy, and easy to configure solution that scales to large volume servers and can be used either stand-alone or as part of a defense-in-depth with other protective layers.

Prevents Code Injection

OWASP’s HTML Sanitizer scrubs dynamic code from HTML that might listen for keystrokes, steal credentials, annoy your users with downloads of malware, or engage in other unapproved activity.

Preserves Trusted Path

By default, OWASP’s HTML Sanitizer removes form inputs, including password inputs, so untrusted content cannot phish your users from inside your own website, and it reworks CSS styles so that your site can use CSS clipping to restrict third-party content to a visually distinct region.

Preserves Search Rank

OWASP’s HTML Sanitizer can rewrite links so that search engines won’t treat them as endorsed by your website.  With a bit of configuration, the same mechanism can rewrite image sources to let you proxy images and/or avoid mixed-content warnings by requiring HTTPS everywhere.


OWASP's HTML Sanitizer is easy to configure.  It comes with a variety of pre-packaged policies that work out of the box, and when you need more control, you can write custom configurations using simple Java code that benefits from your IDE’s auto-complete features instead of learning a new dialect of XML.


OWASP’s HTML Sanitizer understands CSS as well as HTML so third-party authors can style their content.


OWASP’s HTML Sanitizer was designed for large volume servers.  It does not build large temporary data structures in memory, and policies have no mutable state, so they can be shared efficiently by many threads without incurring a lock cost.
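As an added example (not code from this post or from the OWASP project itself), the following class ties together the points above: composing pre-packaged policies, writing a custom policy in plain Java, rewriting links with `rel="nofollow"`, routing image sources through an HTTPS proxy, allowing author CSS, and sharing immutable policies across threads. The `img-proxy.example` endpoint, the class name and the sample untrusted HTML are constructed assumptions for the example; the `org.owasp.html` API calls are the library's own.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import org.owasp.html.AttributePolicy;
import org.owasp.html.HtmlPolicyBuilder;
import org.owasp.html.PolicyFactory;
import org.owasp.html.Sanitizers;

/**
 * Added example: two ways to configure the OWASP HTML Sanitizer, run against
 * a constructed sample of untrusted HTML.
 * Build dependency (Maven Central): owasp-java-html-sanitizer.
 */
public final class SocialContentSanitizer {

  /** Constructed sample of untrusted, user-submitted HTML (not real data). */
  static final String UNTRUSTED_HTML =
      "<p style=\"color:red\">Hello <b>world</b></p>"
      + "<script>alert('injected')</script>"
      + "<a href=\"javascript:alert(1)\" onclick=\"alert(2)\">bad link</a>"
      + "<a href=\"http://example.com/\">good link</a>"
      + "<form action=\"http://example.com/login\">"
      + "Password: <input type=\"password\" name=\"pw\"></form>"
      + "<img src=\"http://example.com/pic.png\" alt=\"pic\">";

  /**
   * Option 1: compose pre-packaged policies. PolicyFactory.and() merges two
   * policies into one. PolicyFactory is immutable, so a static instance is
   * safely shared by every request thread with no locking.
   */
  static final PolicyFactory PREPACKAGED_POLICY =
      Sanitizers.FORMATTING.and(Sanitizers.BLOCKS).and(Sanitizers.LINKS);

  /** Hypothetical HTTPS image proxy endpoint (an assumption for this example). */
  static final String IMAGE_PROXY = "https://img-proxy.example/?u=";

  /**
   * Attribute policy that rewrites img src through the proxy, so the page
   * never embeds plain-http images (no mixed-content warnings) and readers'
   * browsers never contact third-party image hosts directly.
   */
  static final AttributePolicy PROXY_IMAGE_SRC = new AttributePolicy() {
    public String apply(String elementName, String attributeName, String value) {
      if (!(value.startsWith("http://") || value.startsWith("https://"))) {
        return null;  // returning null drops the attribute entirely
      }
      try {
        return IMAGE_PROXY + URLEncoder.encode(value, "UTF-8");
      } catch (UnsupportedEncodingException e) {
        throw new AssertionError("UTF-8 is always available", e);
      }
    }
  };

  /**
   * Option 2: a custom policy written as plain Java. The builder is a fluent
   * API, so the IDE's auto-complete lists every available knob.
   */
  static final PolicyFactory CUSTOM_POLICY = new HtmlPolicyBuilder()
      .allowElements("p", "b", "i", "em", "strong", "a", "img")
      // Only standard schemes (http, https, mailto) survive in URL attributes;
      // a javascript: href is dropped.
      .allowStandardUrlProtocols()
      .allowAttributes("href").onElements("a")
      // Search engines will not treat surviving links as endorsed by this site.
      .requireRelNofollowOnLinks()
      .allowAttributes("alt").onElements("img")
      .allowAttributes("src").matching(PROXY_IMAGE_SRC).onElements("img")
      // Let third-party authors style their content; style attributes are
      // filtered through the sanitizer's CSS whitelist rather than passed raw.
      .allowStyling()
      .toFactory();

  /** Sanitize with the composed pre-packaged policies. */
  static String sanitizeWithPrepackaged(String untrusted) {
    return PREPACKAGED_POLICY.sanitize(untrusted);
  }

  /** Sanitize with the custom policy (nofollow links, proxied images, CSS). */
  static String sanitizeWithCustom(String untrusted) {
    return CUSTOM_POLICY.sanitize(untrusted);
  }

  public static void main(String[] args) {
    System.out.println("Pre-packaged: " + sanitizeWithPrepackaged(UNTRUSTED_HTML));
    System.out.println("Custom:       " + sanitizeWithCustom(UNTRUSTED_HTML));
  }
}
```

Under either policy the `script` element, the `onclick` handler, the `javascript:` href and the `form`/`input` elements are not on the whitelist and do not reach the output; the custom policy additionally tags the remaining link with `rel="nofollow"` and points the image at the proxy. Building the policy once into a `static final` field is the intended pattern: the expensive step is `toFactory()`, and the resulting factory can be reused by every thread.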

For more info

To get started, visit to find example code, download links, instructions on Maven integration, and links to our discussion and support page.

Share safely.
