/// <summary>
/// Builds a <see cref="Mention"/> from an untrusted JSON object, copying only the
/// known mention fields.
/// </summary>
/// <param name="dirtyObj">Untrusted mention object; may be null.</param>
/// <returns>
/// A new <see cref="Mention"/>. Fields that are missing, empty, or rejected by their
/// validator are left unset. A null input yields an empty mention.
/// </returns>
/// <remarks>
/// "class", "id" and "target" are kept only when IsValidClass / IsValidId /
/// IsValidTarget accept them. "avatar" and "end-point" are stored as the result of
/// UrlHelpers.Sanitize. "slug" is stored as-is whenever it is non-empty.
/// </remarks>
public static Mention Sanitize(JObject dirtyObj)
{
    var sanitized = new Mention();
    if (dirtyObj == null)
    {
        return sanitized;
    }

    // Validated fields: dropped unless the matching validator accepts the value.
    var cssClass = dirtyObj.GetStringValue("class");
    if (!String.IsNullOrEmpty(cssClass) && IsValidClass(cssClass))
    {
        sanitized.Class = cssClass;
    }

    var mentionId = dirtyObj.GetStringValue("id");
    if (!String.IsNullOrEmpty(mentionId) && IsValidId(mentionId))
    {
        sanitized.Id = mentionId;
    }

    var linkTarget = dirtyObj.GetStringValue("target");
    if (!String.IsNullOrEmpty(linkTarget) && IsValidTarget(linkTarget))
    {
        sanitized.Target = linkTarget;
    }

    // URL fields: always kept when non-empty, but rewritten by the URL sanitizer.
    var avatarUrl = dirtyObj.GetStringValue("avatar");
    if (!String.IsNullOrEmpty(avatarUrl))
    {
        sanitized.Avatar = UrlHelpers.Sanitize(avatarUrl);
    }

    var endPointUrl = dirtyObj.GetStringValue("end-point");
    if (!String.IsNullOrEmpty(endPointUrl))
    {
        sanitized.EndPoint = UrlHelpers.Sanitize(endPointUrl);
    }

    // NOTE(review): slug is the one field copied with neither a validator nor the URL
    // sanitizer. Whatever renders it has to encode it for its output context; confirm
    // that every consumer does.
    var slugText = dirtyObj.GetStringValue("slug");
    if (!String.IsNullOrEmpty(slugText))
    {
        sanitized.Slug = slugText;
    }

    return sanitized;
}
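/// <summary>
/// Builds a sanitized <see cref="OpAttributes"/> from an untrusted attributes token.
/// </summary>
/// <param name="dirtyAttrs">Untrusted attributes token; may be null or a non-object.</param>
/// <returns>
/// A new <see cref="OpAttributes"/>. A null or non-object input yields an empty result.
/// Known attributes are validated, clamped or converted; every key that is not listed in
/// s_sanitizedAttributes is copied unchanged into CustomAttributes.
/// </returns>
/// <remarks>
/// A "mention" value that is not a JSON object is ignored, like any other invalid
/// attribute, instead of being converted with Value&lt;JObject&gt;().
/// </remarks>
public static OpAttributes Sanitize(JToken dirtyAttrs)
{
    var cleanAttrs = new OpAttributes();
    if (dirtyAttrs == null || dirtyAttrs.Type != JTokenType.Object)
    {
        return cleanAttrs;
    }

    // String attributes guarded by a validator: dropped when rejected.
    var font = dirtyAttrs.GetStringValue("font");
    if (!String.IsNullOrEmpty(font) && IsValidFontName(font))
    {
        cleanAttrs.Font = font;
    }

    var size = dirtyAttrs.GetStringValue("size");
    if (!String.IsNullOrEmpty(size) && IsValidSize(size))
    {
        cleanAttrs.Size = size;
    }

    // Links are never dropped, only rewritten by the URL sanitizer.
    var link = dirtyAttrs.GetStringValue("link");
    if (!String.IsNullOrEmpty(link))
    {
        cleanAttrs.Link = UrlHelpers.Sanitize(link);
    }

    var target = dirtyAttrs.GetStringValue("target");
    if (!String.IsNullOrEmpty(target) && IsValidTarget(target))
    {
        cleanAttrs.Target = target;
    }

    // Enumerated attributes go through their converters, so only values the
    // converter maps can be stored.
    cleanAttrs.Script = ScriptConverter.GetEnumValue(dirtyAttrs.GetStringValue("script"));
    cleanAttrs.List = ListConverter.GetEnumValue(dirtyAttrs.GetStringValue("list"));

    // Header level: ignored unless positive, then capped at 6.
    var header = dirtyAttrs.GetIntValue("header");
    if (header.HasValue && header.Value > 0)
    {
        cleanAttrs.Header = Math.Min(header.Value, 6);
    }

    cleanAttrs.Align = AlignConverter.GetEnumValue(dirtyAttrs.GetStringValue("align"));
    cleanAttrs.Direction = DirectionConverter.GetEnumValue(dirtyAttrs.GetStringValue("direction"));

    // NOTE(review): indent is capped at 30 but has no lower bound, so zero and
    // negative values are stored as given. Confirm the renderer tolerates them.
    var indent = dirtyAttrs.GetIntValue("indent");
    if (indent.HasValue)
    {
        cleanAttrs.Indent = Math.Min((int)indent.Value, 30);
    }

    var width = dirtyAttrs.GetStringValue("width");
    if (!String.IsNullOrEmpty(width) && IsValidWidth(width))
    {
        cleanAttrs.Width = width;
    }

    // Boolean flags are read with GetBoolValue and stored as returned.
    cleanAttrs.Bold = dirtyAttrs.GetBoolValue("bold");
    cleanAttrs.Italic = dirtyAttrs.GetBoolValue("italic");
    cleanAttrs.Underline = dirtyAttrs.GetBoolValue("underline");
    cleanAttrs.Strike = dirtyAttrs.GetBoolValue("strike");
    cleanAttrs.Code = dirtyAttrs.GetBoolValue("code");
    cleanAttrs.Blockquote = dirtyAttrs.GetBoolValue("blockquote");
    cleanAttrs.CodeBlock = dirtyAttrs.GetBoolValue("code-block");
    cleanAttrs.RenderAsBlock = dirtyAttrs.GetBoolValue("renderAsBlock");

    // Colours are stored as whatever GetColour returns for the raw string.
    cleanAttrs.Background = GetColour(dirtyAttrs.GetStringValue("background"));
    cleanAttrs.Color = GetColour(dirtyAttrs.GetStringValue("color"));

    // A mention is kept only when "mentions" is true, "mention" is a JSON object, and
    // the sanitized mention has at least one field set. "as" yields null for a missing
    // key, a JSON null, or any non-object token, so malformed input is skipped here
    // rather than surfacing as a conversion exception from the sanitizer.
    var mentions = dirtyAttrs.GetBoolValue("mentions");
    var mention = dirtyAttrs["mention"] as JObject;
    if (mentions.HasValue && mentions.Value && mention != null)
    {
        var sanitizedMention = MentionSanitizer.Sanitize(mention);
        if (sanitizedMention.AnySet)
        {
            cleanAttrs.Mentions = true;
            cleanAttrs.Mention = sanitizedMention;
        }
    }

    // Pass-through: keys outside s_sanitizedAttributes are copied with their raw,
    // unvalidated JToken values. Consumers of CustomAttributes must treat both the
    // key and the value as untrusted and encode them for the output context.
    foreach (var kv in (JObject)dirtyAttrs)
    {
        if (s_sanitizedAttributes.Contains(kv.Key))
        {
            continue;
        }
        if (cleanAttrs.CustomAttributes == null)
        {
            cleanAttrs.CustomAttributes = new Dictionary<string, JToken>();
        }
        cleanAttrs.CustomAttributes.Add(kv.Key, kv.Value);
    }

    return cleanAttrs;
}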
/// <summary>
/// Collects the HTML attribute key/value pairs for the tag that renders the current op.
/// </summary>
/// <returns>
/// An empty array for inline code that is not a link; otherwise a list holding the
/// CSS class attribute (when any classes exist) followed by the attributes specific to
/// the op kind: image, check list, formula, video, mention, container block or link.
/// </returns>
/// <remarks>
/// Image and video sources go through UrlHelpers.Sanitize and hrefs through EncodeLink.
/// Width, the mention class and the targets are emitted as stored.
/// NOTE(review): that presumably relies on the attributes having been sanitized
/// beforehand and on the caller escaping attribute values when writing HTML; confirm.
/// </remarks>
public IList<TagKeyValue> GetTagAttributes()
{
    // Inline code gets no attributes at all unless it is also a link.
    if (_op.Attributes.Code == true && !_op.IsLink())
    {
        return new TagKeyValue[0];
    }

    var attributes = new List<TagKeyValue>();
    Action<string, string> append = (name, text) => attributes.Add(new TagKeyValue(name, text));

    var cssClasses = GetCssClasses();
    if (cssClasses.Any())
    {
        append("class", String.Join(" ", cssClasses));
    }

    if (_op.IsImage())
    {
        var imageWidth = _op.Attributes.Width;
        if (!String.IsNullOrEmpty(imageWidth))
        {
            append("width", imageWidth);
        }
        // A missing image value is sanitized as the empty string.
        append("src", UrlHelpers.Sanitize(((InsertDataImage)_op.Insert).Value ?? ""));
        return attributes;
    }

    if (_op.IsACheckList())
    {
        var checkedText = "false";
        if (_op.IsCheckedList())
        {
            checkedText = "true";
        }
        append("data-checked", checkedText);
        return attributes;
    }

    if (_op.IsFormula())
    {
        return attributes;
    }

    if (_op.IsVideo())
    {
        append("frameborder", "0");
        append("allowfullscreen", "true");
        append("src", UrlHelpers.Sanitize(((InsertDataVideo)_op.Insert).Value ?? ""));
        return attributes;
    }

    if (_op.IsMentions())
    {
        var mention = _op.Attributes.Mention;

        // NOTE(review): when CSS classes were added above, this produces a second
        // "class" entry in the list; confirm the renderer merges or expects that.
        if (!String.IsNullOrEmpty(mention.Class))
        {
            append("class", mention.Class);
        }

        // The href needs both parts; without them the link points at about:blank.
        // EncodeLink is the only processing applied to Slug that is visible here.
        if (String.IsNullOrEmpty(mention.EndPoint) || String.IsNullOrEmpty(mention.Slug))
        {
            append("href", "about:blank");
        }
        else
        {
            append("href", EncodeLink(mention.EndPoint + "/" + mention.Slug));
        }

        if (!String.IsNullOrEmpty(mention.Target))
        {
            append("target", mention.Target);
        }
        return attributes;
    }

    var cssStyles = GetCssStyles();
    if (cssStyles.Any())
    {
        append("style", String.Join(";", cssStyles));
    }

    if (_op.IsContainerBlock())
    {
        return attributes;
    }

    if (_op.IsLink())
    {
        append("href", EncodeLink(_op.Attributes.Link));

        // The op's own target wins; the configured default is only a fallback.
        var linkTarget = _op.Attributes.Target;
        if (String.IsNullOrEmpty(linkTarget))
        {
            linkTarget = _options.LinkTarget;
        }
        if (!String.IsNullOrEmpty(linkTarget))
        {
            append("target", linkTarget);
        }

        // rel comes only from configuration. With a target that opens a new browsing
        // context and no LinkRel configured, no rel (e.g. noopener) is emitted.
        if (!String.IsNullOrEmpty(_options.LinkRel) && IsValidRel(_options.LinkRel))
        {
            append("rel", _options.LinkRel);
        }
    }

    return attributes;
}