public string Render(IMarkupElement markupElement) { var content = (markupElement ?? throw new ArgumentNullException(nameof(markupElement))).Aggregate( new StringBuilder(), (result, next) => result.Append( next is IMarkupElement e ? Render(e) : _sanitizer.Sanitize(next, _formatProvider))) .ToString(); var indent = markupElement.Parent != null; var placeOpeningTagOnNewLine = GetFormatting(markupElement.Name).HasFlag(MarkupFormattingOptions.PlaceOpeningTagOnNewLine) && markupElement.Parent.IsNotNull(); var placeClosingTagOnNewLine = GetFormatting(markupElement.Name).HasFlag(MarkupFormattingOptions.PlaceClosingTagOnNewLine); var hasClosingTag = GetFormatting(markupElement.Name).HasFlag(MarkupFormattingOptions.IsVoid) == false; var indentString = IndentString(_formatting.IndentWidth, markupElement.Depth); var html = new StringBuilder() .Append(IndentTag(placeOpeningTagOnNewLine, indent, indentString)) .Append(RenderOpeningTag(markupElement.Name, markupElement.Attributes)) .AppendWhen(() => hasClosingTag, sb => sb .Append(content) .Append(IndentTag(placeClosingTagOnNewLine, indent, indentString)) .Append(RenderClosingTag(markupElement.Name))); return(html.ToString()); }
public async Task BindModelAsync(ModelBindingContext bindingContext) { var factory = bindingContext.ActionContext.HttpContext.RequestServices .GetRequiredService <ISanitationModelBinderFactory>(); var binder = factory.CreateBinder(new ModelBinderFactoryContext { Metadata = bindingContext.ModelMetadata }); await binder.BindModelAsync(bindingContext); if (bindingContext.Result.Model is null) { return; } var model = _sanitizer.Sanitize(bindingContext.Result.Model); if (model is null) { return; } bindingContext.Model = model; }
public ActionResult PostNews(NewsInputModel model) { if (ModelState.IsValid) { var news = new News() { Title = model.Title, Content = sanitizer.Sanitize(model.Content), User = this.User }; base.Data.News.Add(news); base.Data.News.SaveChanges(); return(this.RedirectToAction("Details", "News", new { area = "", news.Id })); } return(this.View(model)); }
public ActionResult Ask(AskInputModel input) { if (ModelState.IsValid) { var userId = User.Identity.GetUserId(); var post = new Post { Title = input.Title, Content = sanitizer.Sanitize(input.Content), AuthorId = userId //TODO: Tags }; posts.Add(post); posts.SaveChanges(); return(RedirectToAction("Display", new { id = post.Id, url = "new" })); } return(View(input)); }