Esempio n. 1
0
        public void TestSanitizeHTML() {

            var janitor = new XSSDefender();
            var badScript = "<script>evil</script>";
            string[] whiteList = { "b", "strong", "i", 
            };

            badScript = janitor.SanitizeHTML(badScript, whiteList);

            Assert.AreEqual(@"&lt;script&gt;evil&lt;script&gt;", badScript);
        }
Esempio n. 2
0
        public void TestSanitizeWithBoldandItalicsHTML() {

            var janitor = new XSSDefender();
            var badScript = "<i><b><script>evil</script></b></i>";
            string[] whiteList = { "b", "strong", "i",
            };

            badScript = janitor.SanitizeHTML(badScript, whiteList);

            Assert.AreEqual(@"<i><b>&lt;script&gt;evil&lt;script&gt;</b></i>", badScript);
        }