/// <summary>
/// Runs SanitizeHTML on markup that mixes a bold element with a script element,
/// passing the allowed tags as one string, and compares the result with a fixed expectation.
/// </summary>
public void TestMethod1()
{
    // One element that appears in the allow-list argument and one that does not.
    const string input = "<b>hello</b><script>evil</script>";
    const string allowedTags = "<b></b>";

    // NOTE(review): as written, the expected value still contains literal script
    // markup, and its second tag is an opening tag rather than a closing one.
    // Presumably the real expectation is an HTML-encoded form that was lost when
    // this snippet was rendered; confirm against Security.SanitizeHTML. If the
    // sanitizer really returns raw script tags, its output is not safe to render
    // and this test would be pinning the unsafe result.
    const string expected = "<b>hello</b><script>evil<script>";

    var sanitizer = new Security();
    var actual = sanitizer.SanitizeHTML(input, allowedTags);

    Assert.AreEqual(expected, actual);
}
/// <summary>
/// Console demo: builds an explicit tag allow-list, sanitizes a sample string that
/// contains a script element, and prints the result.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
static void Main(string[] args)
{
    // Each allowed element is listed as its bare opening and closing tag.
    // NOTE(review): these are exact strings with no attributes. How SanitizeHTML
    // treats an allowed tag that carries attributes is not visible here; verify
    // that attribute-bearing variants are not passed through unfiltered.
    var allowedTags = new List<string>
    {
        "<b>", "</b>",
        "<p>", "</p>",
        "<table>", "</table>",
        "<ul>", "</ul>",
        "<ol>", "</ol>",
        "<li>", "</li>",
        "<tr>", "</tr>",
        "<td>", "</td>",
        "<th>", "</th>",
        "<h1>", "</h1>",
        "<h2>", "</h2>",
        "<h3>", "</h3>",
        "<h4>", "</h4>",
        "<h5>", "</h5>",
        "<h6>", "</h6>",
    };

    // The script element is not in the allow-list above.
    var sample = @"<b>hello</b><script>evil</script>";

    var security = new Security();
    Console.WriteLine(security.SanitizeHTML(sample, allowedTags));

    // Blocks until a line is entered on standard input.
    Console.ReadLine();
}
/// <summary>
/// Console demo: sanitizes a sample string with the single-argument SanitizeHTML
/// overload and prints the result.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
static void Main(string[] args)
{
    // No allow-list is passed here. Which tags the single-argument overload permits
    // is not visible in this snippet; confirm the default set before relying on it.
    var sanitizer = new Security();
    var cleaned = sanitizer.SanitizeHTML("<b>hello</b><body>evil</body>");

    Console.WriteLine(cleaned);

    // Blocks until a line is entered on standard input.
    Console.ReadLine();
}