How to create a Java array for use with jsoup addAttributes() ?

Report · Feb 02, 2013

Hi. Has anyone used jsoup for cleaning up user-submitted HTML?

When I ask jsoup to add some extra attributes to its whitelist I get this error: "The addAttributes method was not found."

The addAttributes() method requires an array. I tried using a CF array, a Java array, and even a string, but nothing worked.

I'm using CF8. My test code is:

<cfset jsoup = createObject("java","org.jsoup.Jsoup")> <cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")> <cfset html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>"> <cfset myAttribsArray=[":all","style"]> <cfset myAttribsArray=javacast("string[]", myAttribsArray)> <cfset sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(myAttribsArray))> <cfoutput> <textarea rows="10" cols="60"> #HtmlEditFormat(sanitized)#</textarea> </cfoutput>

The code works if I don't bother with addAttributes(), but I need to add the style attribute to the whitelist. Can anyone help please? Thanks.

The API reference for addAttributes() is here:
http://jsoup.org/apidocs/org/jsoup/safety/Whitelist.html#addAttributes

Report · Feb 02, 2013

I looked at the reference you posted and did not see anything about the requirement for an array.

Report · Feb 03, 2013

Hi Dan. The addTags() method doesn't say it needs to be an array either, but it will only work if it's supplied by CF as an array. I got that tip from a Stackoverflow answer I found. Unfortunately it doesn't work for the addAttributess() method. I've tried supplying a string as well, trying to cover all posibilities.

addAttributes(":all","style")

addAttributes('":all","style"')

addAttributes([":all"],["style"])

addAttributes([":all","style"])

Report · Mar 29, 2013

<bump>

Anyone use jsoup or know about sending an array to a Java object? Thanks.

Report · Mar 29, 2013

You can see the setAttributes() method signature like so:

<cfset whitelist = CreateObject("java", "org.jsoup.safety.Whitelist")>
<cfdump var="#Whitelist.relaxed()#" />

If you run that you will see setAttributes() expects a string and a string array.

addAttributes(java.lang.String, java.lang.String[])

Given that, you need to do something like:

<cfscript>
 jsoup = CreateObject("java","org.jsoup.Jsoup");
 whitelist = CreateObject("java", "org.jsoup.safety.Whitelist");
 html="<div style='font-size:24pt;'>This is BIG text</div>. This is an unwanted script: <script>alert('Boo!')</script>.<br>";
 myKeys=["style"];
 sanitized = jsoup.clean(html, Whitelist.relaxed().addAttributes(":all" , JavaCast("string[]", myKeys)));
 WriteOutput("<textarea>#sanitized#</textarea>");
</cfscript>

Report · Mar 29, 2013

Nathan, thank you so much for your reply. That was a perfect answer and my code is working now.

I didn't realise the method needed a string and an array, I was shoving both into a single array. Doh to me and yay to you! I wish there was a "jump for joy" emoticon in the forum.

Adobe Community

How to create a Java array for use with jsoup addAttributes() ?

1 Correct answer