public HtmlScriptCollection CommentPopups(HtmlScriptCollection scripts) { foreach (HtmlScript script in scripts) { string parsedString = string.Empty; // get Text value and send for parsing string scriptString = script.Text; parsedString = scriptString.Replace("alert(","//alert("); parsedString = parsedString.Replace("window.open(","0;//window.open("); // change submit for action, as a dummy parsedString = parsedString.Replace(".submit();",".action=\"dummy.asp\";"); parsedString = parsedString.Replace(".focus();",".align=\"top\";"); parsedString = parsedString.Replace(".select();",".align=\"top\";"); script.Text = parsedString; } return scripts; }
public IHTMLDocument2 GetDocumentWithData(HtmlScriptCollection scripts,string data) { // new class HTMLDocumentClass oDoc = new HTMLDocumentClass(); // create class interface instances IHTMLDocument2 iDoc2a = (IHTMLDocument2)oDoc; IHTMLDocument4 iDoc4 = (IHTMLDocument4)oDoc; // This is the key ingredient - have to put some HTML // in the DOM before using it, even though we're not // accessing the DOM. iDoc2a.write("<html></html>"); iDoc2a.close(); iDoc2a.parentWindow.onerror = this; Regex removeScripts = (Regex)_htmlParser.GetRegExpParserScripts["RemoveScripts"]; MatchCollection matches = removeScripts.Matches(data); StringBuilder dataBuffer = new StringBuilder(data); scripts = CommentPopups(scripts); // parse html for (int i=0;i<matches.Count;i++) { HtmlScript scriptTag = scripts[i]; Match m = matches[i]; //dataBuffer.Remove(m.Index,m.Length); StringBuilder newScript = new StringBuilder(); newScript.Append("<script"); if ( scriptTag.Language.Length != 0 ) { newScript.AppendFormat(" language=\"{0}\"",scriptTag.Language); } newScript.Append(">"); newScript.Append(scriptTag.Text); newScript.Append("</script>"); //dataBuffer.Insert(m.Index,newScript.ToString()); dataBuffer.Replace(m.Value,newScript.ToString()); } // write data iDoc2a.write(dataBuffer.ToString()); iDoc2a.close(); return iDoc2a; }