Exemplo n.º 1
0
        public static string FilterAHrefScript(string content)
        {
            string input   = TextFilter.FilterScript(content);
            string pattern = " href[ ^=]*= *[\\s\\S]*script *:";

            return(Regex.Replace(input, pattern, string.Empty, RegexOptions.IgnoreCase));
        }
Exemplo n.º 2
0
        public static string FilterHtml(string content)
        {
            string input   = TextFilter.FilterScript(content);
            string pattern = "<[^>]*>";

            return(Regex.Replace(input, pattern, string.Empty, RegexOptions.IgnoreCase));
        }
Exemplo n.º 3
0
        public static string FilterSrc(string content)
        {
            string input   = TextFilter.FilterScript(content);
            string pattern = " src *= *['\"]?[^\\.]+\\.(js|vbs|asp|aspx|php|jsp)['\"]";

            return(Regex.Replace(input, pattern, "", RegexOptions.IgnoreCase));
        }
Exemplo n.º 4
0
 public static string GetTextAndFilter(ITextControl textCtrl)
 {
     if (textCtrl == null)
     {
         throw new ArgumentNullException("获取文本内容的控件不能为空!");
     }
     if (string.IsNullOrEmpty(textCtrl.Text))
     {
         return("");
     }
     return(Utility.HtmlEncode(TextFilter.FilterSql(TextFilter.FilterScript(textCtrl.Text.Trim()))));
 }
Exemplo n.º 5
0
 public static string GetTextAndFilter(HiddenField hiddenCtrl)
 {
     if (hiddenCtrl == null)
     {
         throw new ArgumentNullException("获取文本内容的控件不能为空!");
     }
     if (string.IsNullOrEmpty(hiddenCtrl.Value))
     {
         return("");
     }
     return(Utility.HtmlEncode(TextFilter.FilterSql(TextFilter.FilterScript(hiddenCtrl.Value.Trim()))));
 }
Exemplo n.º 6
0
 public static string GetText(HiddenField hiddenCtrl)
 {
     if (hiddenCtrl == null)
     {
         throw new ArgumentNullException("获取文本内容的控件不能为空!");
     }
     if (TextUtility.EmptyTrimOrNull(hiddenCtrl.Value))
     {
         return("");
     }
     return(TextFilter.FilterScript(hiddenCtrl.Value.Trim()));
 }
Exemplo n.º 7
0
 public static string GetText(ITextControl textCtrl)
 {
     if (textCtrl == null)
     {
         throw new ArgumentNullException("获取文本内容的控件不能为空!");
     }
     if (TextUtility.EmptyTrimOrNull(textCtrl.Text))
     {
         return("");
     }
     return(TextFilter.FilterScript(textCtrl.Text.Trim()));
 }
Exemplo n.º 8
0
 public static string GetText(HtmlInputControl valueCtrl)
 {
     if (valueCtrl == null)
     {
         throw new ArgumentNullException("获取文本内容的控件不能为空!");
     }
     if (TextUtility.EmptyTrimOrNull(valueCtrl.Value))
     {
         return("");
     }
     return(TextFilter.FilterScript(valueCtrl.Value.Trim()));
 }
Exemplo n.º 9
0
 public static string FilterAll(string content)
 {
     content = TextFilter.FilterHtml(content);
     content = TextFilter.FilterScript(content);
     content = TextFilter.FilterAHrefScript(content);
     content = TextFilter.FilterObject(content);
     content = TextFilter.FilterIframe(content);
     content = TextFilter.FilterFrameset(content);
     content = TextFilter.FilterSrc(content);
     content = TextFilter.FilterBadWords(content);
     return(content);
 }
Exemplo n.º 10
0
        public static string Process(FilterType filterType, string filterContent)
        {
            switch (filterType)
            {
            case FilterType.Script:
                filterContent = TextFilter.FilterScript(filterContent);
                return(filterContent);

            case FilterType.Html:
                filterContent = TextFilter.FilterHtml(filterContent);
                return(filterContent);

            case FilterType.Object:
                filterContent = TextFilter.FilterObject(filterContent);
                return(filterContent);

            case FilterType.AHrefScript:
                filterContent = TextFilter.FilterAHrefScript(filterContent);
                return(filterContent);

            case FilterType.Iframe:
                filterContent = TextFilter.FilterIframe(filterContent);
                return(filterContent);

            case FilterType.Frameset:
                filterContent = TextFilter.FilterFrameset(filterContent);
                return(filterContent);

            case FilterType.Src:
                filterContent = TextFilter.FilterSrc(filterContent);
                return(filterContent);

            case FilterType.BadWords:
                filterContent = TextFilter.FilterBadWords(filterContent);
                return(filterContent);

            case FilterType.Sql:
            case FilterType.Html | FilterType.BadWords:
            case FilterType.Script | FilterType.Html | FilterType.BadWords:
            case FilterType.AHrefScript | FilterType.BadWords:
            case FilterType.Script | FilterType.AHrefScript | FilterType.BadWords:
            case FilterType.Html | FilterType.AHrefScript | FilterType.BadWords:
            case FilterType.Script | FilterType.Html | FilterType.AHrefScript | FilterType.BadWords:
                return(filterContent);

            case FilterType.All:
                filterContent = TextFilter.FilterAll(filterContent);
                return(filterContent);

            default:
                return(filterContent);
            }
        }
Exemplo n.º 11
0
 public static string FilterXHtml(string content)
 {
     return(TextFilter.FilterXHtml(content, true));
 }
Exemplo n.º 12
0
        public static string FilterScript(string content)
        {
            string pattern = "<script[^>]*?>.*?</script>";

            return(TextFilter.StripScriptAttributesFromTags(Regex.Replace(content, pattern, string.Empty, RegexOptions.IgnoreCase)));
        }