OWASP Java HTML Sanitizer

I Use This!

Inactive

Analyzed 28 days ago. based on code collected 2 months ago.

Project Summary

The OWASP HTML Sanitizer is a fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. The existing dependencies are on guava and JSR 305. The other jars are only needed by the test suite. The JSR 305 dependency is a compile-only dependency, only needed for annotations. This code was written with security best practices in mind, has an extensive test suite, and has undergone adversarial security review. A great place to get started using the OWASP Java HTML Sanitizer is here: https://github.com/OWASP/java-html-sanitizer/blob/master/docs/getting_started.md

Badges

In a Nutshell, OWASP Java HTML Sanitizer...

...
has had 496 commits made by 19 contributors
representing 59,071 lines of code
...
is mostly written in JavaScript
with a very low number of source code comments
...
has a well established, mature codebase
maintained by nobody
with stable Y-O-Y commits
...
took an estimated 15 years of effort (COCOMO model)
starting with its first commit in March, 2011
ending with its most recent commit over 3 years ago

Quick Reference

Organization:

Open Web Application Security Project (OWASP)

Project Links:

Homepage

Code Locations:

https://github.com/OWASP/java-ht...

Similar Projects:

Managers:

Jim Manico

Licenses

Apache License 2.0

Permitted

Commercial Use

Modify

Distribute

Place Warranty

Sub-License

Private Use

Use Patent Claims

Forbidden

Hold Liable

Use Trademarks

Required

Include Copyright

State Changes

Include License

Include Notice

These details are provided for information only. No information here is legal advice and should not be used as such.

New BSD License

Permitted

Forbidden

Required

These details are provided for information only. No information here is legal advice and should not be used as such.

All Licenses

Project Security

Vulnerabilities per Version ( last 10 releases )

Project Vulnerability Report

Security Confidence Index

Poor security track-record

Favorable security track-record

Vulnerability Exposure Index

Many reported vulnerabilities

Few reported vulnerabilities

About Project Vulnerability Report

Did You Know...

...
there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
...
you can subscribe to e-mail newsletters to receive update from the Open Hub blog
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
...
search using multiple tags to find exactly what you need