private void SanitizeHtmlNode(HtmlNode node) { if (node.NodeType == HtmlNodeType.Element) { // check for blacklist items and remove if (BlackList.Contains(node.Name)) { node.Remove(); return; } // remove CSS Expressions and embedded script links if (node.Name == "style") { if (string.IsNullOrEmpty(node.InnerText)) { if (node.InnerHtml.Contains("expression") || node.InnerHtml.Contains("javascript:")) node.ParentNode.RemoveChild(node); } } // remove script attributes if (node.HasAttributes) { for (int i = node.Attributes.Count - 1; i >= 0; i--) { HtmlAttribute currentAttribute = node.Attributes[i]; var attr = currentAttribute.Name.ToLower(); var val = currentAttribute.Value.ToLower(); //span style="background: white; color: green"> remove event handlers if (attr.StartsWith("on")) node.Attributes.Remove(currentAttribute); // remove script links else if ( //(attr == "href" || attr== "src" || attr == "dynsrc" || attr == "lowsrc") && val != null && val.Contains("javascript:")) node.Attributes.Remove(currentAttribute); // Remove CSS Expressions else if (attr == "style" && val != null && val.Contains("expression") || val.Contains("javascript:") || val.Contains("vbscript:")) node.Attributes.Remove(currentAttribute); } } } // Look through child nodes recursively if (node.HasChildNodes) { for (int i = node.ChildNodes.Count - 1; i >= 0; i--) { SanitizeHtmlNode(node.ChildNodes[i]); } } }
public static HtmlNode RemoveComments(HtmlNode node) { foreach (var n in node.ChildNodes.ToArray()) RemoveComments(n); if (node.NodeType == HtmlNodeType.Comment) node.Remove(); return node; }
/// <summary> /// Converts ko tag into a ko comment (virtual element) if bindings still exist; otherwise, /// removes the tag entirely, but preserves the child nodes in the process. /// </summary> /// <param name="node">The ko element.</param> private static void SimplifyKoTag(HtmlNode node) { if (node.Name != "ko") return; var parentNode = node.ParentNode; if (node.HasAttributes) parentNode.InsertBefore(HtmlNode.CreateNode( string.Format("<!-- ko {0} -->", node.Attributes["data-bind"].Value)), node); foreach (var cn in node.ChildNodes) parentNode.InsertBefore(cn, node); if (node.HasAttributes) parentNode.InsertBefore(HtmlNode.CreateNode("<!-- /ko -->"), node); node.Remove(); }
private static void SanitizeNode(HtmlNode node) { if (node.NodeType == HtmlNodeType.Element) { // TODO: whitelist? node.Remove(); return; } if (node.HasChildNodes) { for (int i = node.ChildNodes.Count - 1; i >= 0; i--) { SanitizeNode(node.ChildNodes[i]); } } }
private void SanitizeHtmlNode(HtmlNode node) { if (node.NodeType == HtmlNodeType.Element) { // check for WhiteList items and remove if (!WhiteList.Contains(node.Name)) { node.Remove(); return; } // remove CSS Expressions and embedded script links if (node.Name == "style") { var val = node.InnerHtml; if (string.IsNullOrEmpty(node.InnerText)) { if (HasExpressionLinks(val) || HasScriptLinks(val) ) node.ParentNode.RemoveChild(node); } } // remove script attributes if (node.HasAttributes) { for (int i = node.Attributes.Count - 1; i >= 0; i--) { HtmlAttribute currentAttribute = node.Attributes[i]; var attr = currentAttribute.Name.ToLower(); var val = currentAttribute.Value.ToLower(); // remove event handlers if (attr.StartsWith("on")) { node.Attributes.Remove(currentAttribute); } // Remove CSS Expressions else if (attr == "style" && val != null && HasExpressionLinks(val) || HasScriptLinks(val)) { node.Attributes.Remove(currentAttribute); } // remove script links from all attributes else if (val != null && HasScriptLinks(val)) { node.Attributes.Remove(currentAttribute); } } } } // Look through child nodes recursively if (node.HasChildNodes) { for (int i = node.ChildNodes.Count - 1; i >= 0; i--) { SanitizeHtmlNode(node.ChildNodes[i]); } } }
private void RemoveComments(HtmlNode node) { if (_removeComments) { if (node.NodeType == HtmlNodeType.Comment) { var parentNode = node.ParentNode; node.Remove(); if (parentNode.Attributes.Count == 0 && (parentNode.InnerText == null || parentNode.InnerText == string.Empty)) { parentNode.Remove(); } return; } } }
/// <summary> /// Run a process recursively on an HtmlNode and all those it contains /// </summary> /// <param name="node">The top level HtmlNode</param> /// <param name="process">Action on an HtmlNode</param> public static void NodeProcess(HtmlNode node, Action<HtmlNode> process) { if (node.NodeType == HtmlNodeType.Element) { process(node); } else if (node.NodeType == HtmlNodeType.Comment) { node.Remove(); } // Look through child nodes recursively if (node.HasChildNodes) { for (int i = node.ChildNodes.Count - 1; i >= 0; i--) { if (i >= node.ChildNodes.Count) i = node.ChildNodes.Count - 1; NodeProcess(node.ChildNodes[i], process); } } }
/// <summary> /// /// </summary> /// <param name="node"></param> public static void RemoveComments(HtmlNode node) { foreach (var n in node.ChildNodes.ToArray()) { RemoveComments(n); } if (node.NodeType == HtmlNodeType.Comment) { node.Remove(); } }
/// <summary> /// Filters the element, returns whether the element was removed. /// </summary> /// <param name="node"></param> /// <returns></returns> private bool filterElement(HtmlNode node) { if (ElementFilter.IsValid(node)) { for(int i = 0; i < node.ChildNodes.Count; i++) { if (filterElement(node.ChildNodes[i])) { i--; } } return false; } else { node.RemoveAllChildren(); node.Remove(); return true; } }