Beispiel #1
0
        public static void Configure(HttpConfiguration config, XssStrategy strategy)
        {
            var wrappedFormatters = config.Formatters.Select(fmt => new XssFilteringMediaTypeFormatter(fmt, strategy)).ToList();

            config.Formatters.Clear();
            config.Formatters.AddRange(wrappedFormatters);
        }
Beispiel #2
0
        private string Sanitize(string dirty, AllowHtmlAttribute attribute, XssStrategy strategy)
        {
            switch (strategy)
            {
            case XssStrategy.AspNet:
                throw new NotImplementedException();

            case XssStrategy.HtmlSanitizer:
                return(SanitizeHtmlSanitizer(dirty, attribute));

            case XssStrategy.AntiXss:
                return(SanitizeAntiXss(dirty, attribute));

            default:
                throw new NotImplementedException();
            }
        }
 public XssModelValidationProvider(XssStrategy strategy)
 {
     _strategy = strategy;
 }
Beispiel #4
0
 public XssModelValidationProvider(XssStrategy strategy)
 {
     _strategy = strategy;
 }
 public static void Configure(HttpConfiguration config, XssStrategy strategy)
 {
     var wrappedFormatters = config.Formatters.Select(fmt => new XssFilteringMediaTypeFormatter(fmt, strategy)).ToList();
     config.Formatters.Clear();
     config.Formatters.AddRange(wrappedFormatters);
 }
 public XssFilteringMediaTypeFormatter(MediaTypeFormatter innerFormatter, XssStrategy strategy) : base(innerFormatter)
 {
     _innerFormatter = innerFormatter;
     _strategy = strategy;
 }
 private string Sanitize(string dirty, AllowHtmlAttribute attribute, XssStrategy strategy)
 {
     switch (strategy)
     {
         case XssStrategy.AspNet:
             throw new NotImplementedException();
         case XssStrategy.HtmlSanitizer:
             return SanitizeHtmlSanitizer(dirty, attribute);
         case XssStrategy.AntiXss:
             return SanitizeAntiXss(dirty, attribute);
         default:
             throw new NotImplementedException();
     }
 }
Beispiel #8
0
 public XssFilteringMediaTypeFormatter(MediaTypeFormatter innerFormatter, XssStrategy strategy) : base(innerFormatter)
 {
     _innerFormatter = innerFormatter;
     _strategy       = strategy;
 }