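package com.nuvole.util;

import cn.hutool.core.util.StrUtil;
import org.apache.commons.text.StringEscapeUtils;
import org.owasp.validator.html.AntiSamy;
import org.owasp.validator.html.Policy;
import org.owasp.validator.html.PolicyException;
import org.owasp.validator.html.ScanException;

import java.io.IOException;
import java.io.InputStream;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * HTML sanitising helper built on OWASP AntiSamy.
 *
 * <p>The policy is read from the classpath resource {@code /antisamy.xml} on every call.
 *
 * @author ChenLong
 * @version 1.0 (2019/7/16 18:13)
 */
public class XssUtil {

    private static final Logger LOG = Logger.getLogger(XssUtil.class.getName());

    /** Classpath location of the AntiSamy policy file. */
    private static final String POLICY_RESOURCE = "/antisamy.xml";

    /**
     * Runs {@code val} through AntiSamy and returns the cleaned text with HTML entities decoded.
     *
     * <p>If the policy cannot be loaded or the scan fails, the method fails closed: it returns
     * the HTML-escaped form of the input instead of the raw input, so a broken or missing policy
     * never lets unsanitised markup through.
     *
     * @param val text to sanitise; may be {@code null}
     * @return {@code val} unchanged when it is blank or {@code null}; otherwise the sanitised
     *     text, or the HTML-escaped input when sanitising was not possible
     */
    public static String clearXss(String val) {
        if (StrUtil.isBlank(val)) {
            return val;
        }
        // try-with-resources closes the policy stream on every path; a null resource is skipped.
        try (InputStream policyStream = XssUtil.class.getResourceAsStream(POLICY_RESOURCE)) {
            if (policyStream == null) {
                LOG.severe("AntiSamy policy " + POLICY_RESOURCE + " not found on the classpath");
                return escapeOnFailure(val);
            }
            // NOTE(review): the policy is re-parsed per call; caching it would be cheaper if the
            // AntiSamy version in use documents Policy as safe to share - confirm before changing.
            Policy policy = Policy.getInstance(policyStream);
            String cleanHtml = new AntiSamy().scan(val, policy).getCleanHTML();
            // NOTE(review): decoding entities AFTER sanitising turns entity-encoded markup that
            // the scan left as inert text back into literal markup. Kept because callers rely on
            // the decoded form; the return value must still be output-encoded wherever it is
            // rendered and must not be treated as safe HTML.
            return StringEscapeUtils.unescapeHtml4(cleanHtml);
        } catch (PolicyException | ScanException | IOException e) {
            // The input itself is not logged: it is untrusted and may hold sensitive data.
            LOG.log(Level.SEVERE, "AntiSamy sanitising failed; returning escaped input", e);
            return escapeOnFailure(val);
        }
    }

    /** Fallback for failed sanitising: neutralises markup by HTML-escaping the whole input. */
    private static String escapeOnFailure(String val) {
        return StringEscapeUtils.escapeHtml4(val);
    }
}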