Skip to main content
Sign up or Log in
Support
Training
 Documentation
Evaluation Guide
What's New
Documentation
OutSystems Platform 10
Reference
OutSystems APIs
Sanitization API

Reference

 

OutSystems

Sanitization API

  1. Last updated
  2. Save as PDF

API that provides methods to avoid code injection in HTML, Javascript and SQL snippets that need to include untrusted content, i.e., content gathered from end-users.

Summary

Actions
SanitizeHtml Sanitizes the provided HTML using the OWASP Java HTML Sanitizer Project. The implemented policy follows the example in https://github.com/OWASP/java-html-s...cyExample.java.
VerifyJavascriptLiteral Ensure the provided javascript only contains literals. If it contains anything else, an INVALID JAVASCRIPT LITERAL exception is thrown.
VerifySqlLiteral Ensure the provided SQL only contains literals. If it contains anything else, an INVALID SQL LITERAL exception is thrown.

 

Actions

 

SanitizeHtml

Sanitizes the provided HTML using the OWASP Java HTML Sanitizer Project. The implemented policy follows the example in https://github.com/OWASP/java-html-s...cyExample.java.

Inputs

Html
Type: Text. Mandatory.
The HTML to sanitize.

Outputs

SanitizedHtml
Type: Text.
The sanitized HTML.

VerifyJavascriptLiteral

Ensures the provided JavaScript only contains literals. If it contains anything else, an INVALID JAVASCRIPT LITERAL exception is thrown.

Inputs

JavascriptLiteral
Type: Text. Mandatory.
The JavaScript literal to sanitize.

Outputs

SanitizedJavascriptLiteral
Type: Text.
The sanitized JavaScript literal.

VerifySqlLiteral

Ensures the provided SQL only contains literals. If it contains anything else, an INVALID SQL LITERAL exception is thrown.

Inputs

SqlLiteral
Type: Text. Mandatory.
The SQL to sanitize.

Outputs

SanitizedSqlLiteral
Type: Text.
The sanitized SQL.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. There are no recommended articles.
  1. Article type
    Topic
    Owner
    TechComm
  2. Tags
    This page has no tags.