private static string ValidateString(string s)
{
int num1;
if (HtmlUtil.ContainsHtml(s, out num1))
{
string text1 = "";
int num2 = num1 - 10;
if (num2 <= 0)
{
num2 = 0;
}
else
{
text1 = text1 + "...";
}
int num3 = num1 + 20;
if (num3 >= s.Length)
{
num3 = s.Length;
text1 = text1 + s.Substring(num2, num3 - num2);
}
else
{
text1 = text1 + s.Substring(num2, num3 - num2) + "...";
}
return(text1);
}
return(null);
}
public void TestContainsHtml()
{
Assert.IsFalse(HtmlUtil.ContainsHtml(null));
Assert.IsFalse(HtmlUtil.ContainsHtml(""));
Assert.IsFalse(HtmlUtil.ContainsHtml("whatever"));
Assert.IsTrue(HtmlUtil.ContainsHtml("<html><body>text</body></html>"));
Assert.IsTrue(HtmlUtil.ContainsHtml("<something"));
// Case 1718 - &# shouldn't be detected as "script" on its own, but encoded HTML still should be.
Assert.IsFalse(HtmlUtil.ContainsHtml("and some  escaping"));
Assert.IsTrue(HtmlUtil.ContainsHtml("and some <b> escaping"));
Assert.IsTrue(HtmlUtil.ContainsHtml("and some <b> escaping"));
}
private static void TestXss(string xss)
{
Assert.IsTrue(HtmlUtil.ContainsScript(xss));
Assert.IsTrue(HtmlUtil.ContainsHtml(xss));
}