Project Summary
The OWASP HTML Sanitizer is a fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. The existing dependencies are on guava and JSR 305. The other jars are only needed by the test suite. The JSR 305 dependency is a compile-only dependency, only needed for annotations. This code was written with security best practices in mind, has an extensive test suite, and has undergone adversarial security review. A great place to get started using the OWASP Java HTML Sanitizer is here: https://github.com/OWASP/java-html-sanitizer/blob/master/docs/getting_started.md
Badges
In a Nutshell, OWASP Java HTML Sanitizer...
- ...
- ...
- ...
-
...
took an estimated 15 years of effort (COCOMO model)
starting with its first commit in March, 2011
ending with its most recent commit over 3 years ago
Quick Reference
3-Clause BSD License
Permitted
Forbidden
Required
These details are provided for information only. No information here is legal advice and should not be used as such.
Apache License 2.0
Permitted
Commercial Use
Modify
Distribute
Place Warranty
Sub-License
Private Use
Use Patent Claims
Forbidden
Hold Liable
Use Trademarks
Required
Include Copyright
State Changes
Include License
Include Notice
These details are provided for information only. No information here is legal advice and should not be used as such.
Project Security
Vulnerabilities per Version ( last 10 releases )
Project Vulnerability Report
Security Confidence Index
Vulnerability Exposure Index
Did You Know...
-
...
65% of companies leverage OSS to speed application development in 2016
-
...
by exploring contributors within projects, you can view details on every commit they have made to that project
-
...
there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
-
...
compare projects before you chose one to use
30 Day SummaryJun 12 2025 — Jul 12 2025
|
12 Month SummaryJul 12 2024 — Jul 12 2025
|
