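/// <summary>
/// RemovingTag handler that keeps an <c>iframe</c> the sanitizer is about to remove
/// when its <c>src</c> starts with <c>https://www.youtube.com/</c>.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data; <c>e.Cancel</c> is set to <c>true</c> to cancel the removal.</param>
/// <remarks>
/// Tags other than <c>iframe</c>, and iframes with a missing, empty or non-matching
/// <c>src</c>, are left untouched, so <c>e.Cancel</c> keeps whatever value it had.
/// </remarks>
private void HtmlSanitizer_RemovingTag(object sender, RemovingTagEventArgs e)
{
    if (!e.Tag.NodeName.Equals("IFRAME", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    string src = e.Tag.GetAttribute("src");
    if (string.IsNullOrEmpty(src))
    {
        return;
    }

    // Ordinal on purpose: the single-argument StartsWith is culture-sensitive and
    // skips ignorable characters, so the allow-list check would not be an exact
    // prefix match. The trailing '/' in the prefix is what pins the host; without
    // it any host that merely begins with "www.youtube.com" would pass.
    if (src.StartsWith("https://www.youtube.com/", StringComparison.Ordinal))
    {
        e.Cancel = true;
    }
}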
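/// <summary>
/// Keeps an <c>img</c> element that the sanitizer is about to remove and adds the
/// CSS class <c>text-img</c> to it, unless its <c>src</c> contains "emoticons".
/// </summary>
/// <param name="tagName">Tag name; compared case-sensitively with the literal "img", so callers must pass it lower-cased.</param>
/// <param name="e">Event data; <c>e.Cancel</c> is set to <c>true</c> for every <c>img</c>.</param>
/// <returns>Always <c>false</c>, including when an <c>img</c> was handled.</returns>
public static bool AddImgClasses(string tagName, RemovingTagEventArgs e)
{
    if (tagName == "img")
    {
        // GetAttribute returns null when the attribute is absent; an <img> without
        // src used to throw NullReferenceException here. It is now treated as a
        // non-emoticon image.
        string src = e.Tag.GetAttribute("src");

        // Every image except emoticons gets the class. (The original comment
        // named "img-responsive"; the class actually added is "text-img".)
        if (src == null || !src.Contains("emoticons"))
        {
            e.Tag.ClassList.Add("text-img");
        }

        // NOTE(review): removal is cancelled for every img regardless of where src
        // points; no allow-list is applied in this method. Confirm that image
        // sources are restricted elsewhere if that is required.
        e.Cancel = true;
    }

    return false;
}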
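/// <summary>
/// RemovingTag handler that applies a per-tag allow-list to <c>iframe</c> and
/// <c>img</c> elements by delegating to <c>CheckAllowedDomains</c>.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data passed through to <c>CheckAllowedDomains</c>, which sets <c>e.Cancel</c>.</param>
/// <remarks>
/// Tags other than <c>iframe</c> and <c>img</c> are not inspected and <c>e.Cancel</c>
/// is left as it was.
/// </remarks>
private void OnRemovingTag(object sender, RemovingTagEventArgs e)
{
    // One rule per tag: which attribute carries the URL and which list applies.
    var rules = new[]
    {
        new { Tag = "iframe", Attribute = "src", AllowedDomainsList = options.AllowedVideoDomainsArr },
        new { Tag = "img", Attribute = "src", AllowedDomainsList = options.AllowedImageDomainsArr }
    };

    // Invariant lowering: ToLower() follows the current culture, and under a
    // Turkish culture "IFRAME"/"IMG" lower to a dotless 'ı', so neither rule
    // would ever match and the allow-list would be skipped.
    var tagName = e.Tag.TagName.ToLowerInvariant();

    var rule = rules.FirstOrDefault(x => x.Tag == tagName);
    if (rule == null)
    {
        return;
    }

    CheckAllowedDomains(rule.Attribute, rule.AllowedDomainsList, e);
}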
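/// <summary>
/// Decides whether an <c>iframe</c> that the sanitizer is about to remove may stay:
/// it is kept only when its <c>src</c> starts with an entry of <c>allowedVideoDomens</c>.
/// </summary>
/// <param name="tagName">Tag name; compared case-sensitively with the literal "iframe", so callers must pass it lower-cased.</param>
/// <param name="e">Event data; <c>e.Cancel</c> is set to <c>true</c> (keep) on a match and to <c>false</c> (remove) otherwise.</param>
/// <returns><c>true</c> when the tag was an <c>iframe</c> and a decision was made; <c>false</c> for any other tag.</returns>
public static bool CheckIframeAllowedDomens(string tagName, RemovingTagEventArgs e)
{
    if (tagName != "iframe")
    {
        return false;
    }

    // Check where the iframe points and block everything except allowed sites.
    // GetAttribute returns null when src is absent; that used to throw
    // NullReferenceException and is now handled as "not allowed".
    string rawSrc = e.Tag.GetAttribute("src");
    if (rawSrc != null)
    {
        // Invariant lowering and ordinal prefix match keep the check independent
        // of the server culture and make it an exact character-by-character match.
        // Because src is lower-cased, entries containing upper-case letters never match.
        string src = rawSrc.TrimStart().ToLowerInvariant();

        // NOTE(review): this is a prefix match. The entries of allowedVideoDomens
        // are not visible here; each should include the scheme and end with '/'
        // after the host, otherwise a longer host that begins with an allowed one
        // would also pass. Confirm against the list definition.
        foreach (var allowedDomen in allowedVideoDomens)
        {
            if (src.StartsWith(allowedDomen, System.StringComparison.Ordinal))
            {
                e.Cancel = true;
                return true;
            }
        }
    }

    e.Cancel = false;
    return true;
}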
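/// <summary>
/// Keeps the tag in <paramref name="e"/> only when the value of the attribute
/// <paramref name="attrName"/> starts with one of <paramref name="allowedDomains"/>.
/// </summary>
/// <param name="attrName">Name of the attribute that carries the URL to check.</param>
/// <param name="allowedDomains">Allowed prefixes; compared against the lower-cased attribute value.</param>
/// <param name="e">Event data; <c>e.Cancel</c> is set to <c>true</c> (keep) on a match and to <c>false</c> (remove) otherwise.</param>
/// <returns><c>true</c> when a prefix matched; otherwise <c>false</c>.</returns>
private bool CheckAllowedDomains(string attrName, IEnumerable<string> allowedDomains, RemovingTagEventArgs e)
{
    // GetAttribute returns null when the attribute is absent; that used to throw
    // NullReferenceException and is now handled as "not allowed".
    string rawValue = e.Tag.GetAttribute(attrName);
    if (rawValue != null)
    {
        // Invariant lowering and ordinal prefix match keep the check independent
        // of the server culture and make it an exact character-by-character match.
        // Because the value is lower-cased, entries with upper-case letters never match.
        string value = rawValue.TrimStart().ToLowerInvariant();

        // NOTE(review): this is a prefix match. The list contents are not visible
        // here; each entry should include the scheme and end with '/' after the
        // host, otherwise a longer host that begins with an allowed one would also
        // pass. Confirm against the options that populate the list.
        foreach (var allowedDomain in allowedDomains)
        {
            if (value.StartsWith(allowedDomain, System.StringComparison.Ordinal))
            {
                e.Cancel = true;
                return true;
            }
        }
    }

    e.Cancel = false;
    return false;
}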
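/// <summary>
/// RemovingTag handler for forum content: runs the iframe allow-list check and,
/// when the tag was not an <c>iframe</c>, the image class handling.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data passed to the <c>SanitizerBlocksTags</c> helpers, which set <c>e.Cancel</c>.</param>
private void ForumSanitizer_RemovingTag(object sender, RemovingTagEventArgs e)
{
    // Invariant lowering: the helpers compare against the literals "iframe" and
    // "img". ToLower() follows the current culture, and under a Turkish culture
    // "IFRAME"/"IMG" lower to a dotless 'ı', so neither helper would recognise the tag.
    string tagName = e.Tag.TagName.ToLowerInvariant();

    // Same short-circuit as the original "||": the image handler runs only when
    // the iframe check reports that the tag was not an iframe.
    if (!SanitizerBlocksTags.CheckIframeAllowedDomens(tagName, e))
    {
        SanitizerBlocksTags.AddImgClasses(tagName, e);
    }
}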