Exemple #1
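        /// <summary>
        /// Sanitizes an HTML string with the sanitizer selected by <paramref name="policy"/>.
        /// </summary>
        /// <remarks>
        /// No filtering happens in this method itself: the markup is handed to the sanitizer returned by
        /// <c>AntiXssCoreHelper.GetSanitizer</c>, so the result is only as strict as the policy passed in.
        /// NOTE(review): presumably the returned markup is intended for an HTML body context; confirm
        /// before placing it inside attribute, script or URL contexts.
        /// </remarks>
        /// <param name="originHtmlString">The HTML to sanitize; must contain at least one non-whitespace character.</param>
        /// <param name="policy">The policy that selects the sanitizer and supplies the base URL and output formatter.</param>
        /// <returns>The string produced by the sanitizer's <c>Sanitize</c> call.</returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="originHtmlString"/> is null, empty or whitespace, or <paramref name="policy"/> is null.
        /// </exception>
        public static string Sanitize(string originHtmlString, AntiXssPolicy policy)
        {
            // Callers feeding untrusted input must expect this exception for blank strings as well as null.
            if (string.IsNullOrWhiteSpace(originHtmlString))
            {
                throw new ArgumentNullException(nameof(originHtmlString));
            }

            // Fail with a named argument instead of a NullReferenceException further down,
            // where policy.BaseUrl and policy.OutputFormatter are dereferenced.
            if (policy == null)
            {
                throw new ArgumentNullException(nameof(policy));
            }

            var sanitizer = AntiXssCoreHelper.GetSanitizer(policy);

            return sanitizer.Sanitize(originHtmlString, policy.BaseUrl, policy.OutputFormatter);
        }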
Exemple #2
        /// <summary>
        /// Feeds every setting of an existing policy into this builder through the builder's own
        /// <c>With*</c> methods and returns the builder.
        /// </summary>
        /// <remarks>
        /// NOTE(review): whether the <c>With*</c> methods append to or replace what the builder already
        /// holds is not visible here; confirm, because appending would widen the resulting allow-lists.
        /// </remarks>
        /// <param name="policy">The policy whose settings are copied.</param>
        /// <returns>This builder instance.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="policy"/> is null.</exception>
        private AntiXssPolicyBuilder Combine(AntiXssPolicy policy)
        {
            if (policy == null)
            {
                throw new ArgumentNullException(nameof(policy));
            }

            // Each collection is snapshotted with ToArray() before it is handed to the builder.
            // The call order is kept as-is in case the With* methods depend on it.

            // Markup allow-lists.
            WithTags(policy.AllowedTags.ToArray());
            WithSchemes(policy.AllowedSchemes.ToArray());
            WithAttributes(policy.AllowedAttributes.ToArray());
            WithUriAttributes(policy.UriAttributes.ToArray());
            WithCssProperties(policy.AllowedCssProperties.ToArray());

            // Scalar settings and the URI query keys.
            WithBaseUrl(policy.BaseUrl);
            WithOutputFormatter(policy.OutputFormatter);
            WithUriQueryKeys(policy.UriQueryKeys.ToArray());

            return this;
        }
Exemple #3
 /// <summary>
 /// Initializes a new <see cref="AntiXssPolicyBuilder"/> from an existing policy.
 /// </summary>
 /// <param name="policy">The policy used to initialize the builder.</param>
 /// <exception cref="ArgumentNullException"><paramref name="policy"/> is null (thrown by <c>Combine</c>).</exception>
 public AntiXssPolicyBuilder(AntiXssPolicy policy)
 {
     // All of the copying, including the null check, is done by Combine.
     this.Combine(policy);
 }