public static string FilterAHrefScript(string content)
{
string input = TextFilter.FilterScript(content);
string pattern = " href[ ^=]*= *[\\s\\S]*script *:";
return(Regex.Replace(input, pattern, string.Empty, RegexOptions.IgnoreCase));
}
public static string FilterHtml(string content)
{
string input = TextFilter.FilterScript(content);
string pattern = "<[^>]*>";
return(Regex.Replace(input, pattern, string.Empty, RegexOptions.IgnoreCase));
}
public static string FilterSrc(string content)
{
string input = TextFilter.FilterScript(content);
string pattern = " src *= *['\"]?[^\\.]+\\.(js|vbs|asp|aspx|php|jsp)['\"]";
return(Regex.Replace(input, pattern, "", RegexOptions.IgnoreCase));
}
public static string GetTextAndFilter(ITextControl textCtrl)
{
if (textCtrl == null)
{
throw new ArgumentNullException("获取文本内容的控件不能为空!");
}
if (string.IsNullOrEmpty(textCtrl.Text))
{
return("");
}
return(Utility.HtmlEncode(TextFilter.FilterSql(TextFilter.FilterScript(textCtrl.Text.Trim()))));
}
public static string GetTextAndFilter(HiddenField hiddenCtrl)
{
if (hiddenCtrl == null)
{
throw new ArgumentNullException("获取文本内容的控件不能为空!");
}
if (string.IsNullOrEmpty(hiddenCtrl.Value))
{
return("");
}
return(Utility.HtmlEncode(TextFilter.FilterSql(TextFilter.FilterScript(hiddenCtrl.Value.Trim()))));
}
public static string GetText(HiddenField hiddenCtrl)
{
if (hiddenCtrl == null)
{
throw new ArgumentNullException("获取文本内容的控件不能为空!");
}
if (TextUtility.EmptyTrimOrNull(hiddenCtrl.Value))
{
return("");
}
return(TextFilter.FilterScript(hiddenCtrl.Value.Trim()));
}
public static string GetText(ITextControl textCtrl)
{
if (textCtrl == null)
{
throw new ArgumentNullException("获取文本内容的控件不能为空!");
}
if (TextUtility.EmptyTrimOrNull(textCtrl.Text))
{
return("");
}
return(TextFilter.FilterScript(textCtrl.Text.Trim()));
}
public static string GetText(HtmlInputControl valueCtrl)
{
if (valueCtrl == null)
{
throw new ArgumentNullException("获取文本内容的控件不能为空!");
}
if (TextUtility.EmptyTrimOrNull(valueCtrl.Value))
{
return("");
}
return(TextFilter.FilterScript(valueCtrl.Value.Trim()));
}
public static string FilterAll(string content)
{
content = TextFilter.FilterHtml(content);
content = TextFilter.FilterScript(content);
content = TextFilter.FilterAHrefScript(content);
content = TextFilter.FilterObject(content);
content = TextFilter.FilterIframe(content);
content = TextFilter.FilterFrameset(content);
content = TextFilter.FilterSrc(content);
content = TextFilter.FilterBadWords(content);
return(content);
}
public static string Process(FilterType filterType, string filterContent)
{
switch (filterType)
{
case FilterType.Script:
filterContent = TextFilter.FilterScript(filterContent);
return(filterContent);
case FilterType.Html:
filterContent = TextFilter.FilterHtml(filterContent);
return(filterContent);
case FilterType.Object:
filterContent = TextFilter.FilterObject(filterContent);
return(filterContent);
case FilterType.AHrefScript:
filterContent = TextFilter.FilterAHrefScript(filterContent);
return(filterContent);
case FilterType.Iframe:
filterContent = TextFilter.FilterIframe(filterContent);
return(filterContent);
case FilterType.Frameset:
filterContent = TextFilter.FilterFrameset(filterContent);
return(filterContent);
case FilterType.Src:
filterContent = TextFilter.FilterSrc(filterContent);
return(filterContent);
case FilterType.BadWords:
filterContent = TextFilter.FilterBadWords(filterContent);
return(filterContent);
case FilterType.Sql:
case FilterType.Html | FilterType.BadWords:
case FilterType.Script | FilterType.Html | FilterType.BadWords:
case FilterType.AHrefScript | FilterType.BadWords:
case FilterType.Script | FilterType.AHrefScript | FilterType.BadWords:
case FilterType.Html | FilterType.AHrefScript | FilterType.BadWords:
case FilterType.Script | FilterType.Html | FilterType.AHrefScript | FilterType.BadWords:
return(filterContent);
case FilterType.All:
filterContent = TextFilter.FilterAll(filterContent);
return(filterContent);
default:
return(filterContent);
}
}
public static string FilterXHtml(string content)
{
return(TextFilter.FilterXHtml(content, true));
}
public static string FilterScript(string content)
{
string pattern = "<script[^>]*?>.*?</script>";
return(TextFilter.StripScriptAttributesFromTags(Regex.Replace(content, pattern, string.Empty, RegexOptions.IgnoreCase)));
}
