public static string SanitizeHtml(string html, bool isFragment = true)
{
if (string.IsNullOrEmpty(html))
{
return(string.Empty);
}
var sanitizer = new HtmlSanitizer();
if (isFragment)
{
return(sanitizer.Sanitize(html));
}
else
{
return(sanitizer.SanitizeDocument(html));
}
}
public async Task <IActionResult> PreviewArticle(Guid id)
{
var htmlSanitizer = new HtmlSanitizer(); //HtmlSanitizer
var articleEntity = _dbContext.Articles //Get articles that matches Id.
.FirstOrDefault(a => a.Id == id);
if (articleEntity == null) //if null return NotFound
{
return(NotFound());
}
var articleText = await _fileRepository //Read the article from the file.
.GetArticle(articleEntity.ArticlePath);
articleText = htmlSanitizer //Convert article MarkDown and sanitize
.SanitizeDocument(MarkdownParser.Parse(articleText).ToString());
var articleDto = Mapper.Map <GetArticleDto>(articleEntity); //Map article entity to Article Dto
articleDto.ArticleText = articleText; //Add text to article Dto
return(View(articleDto)); //Return dto.
}
/// <summary>
/// Scrape Html content and map to business entity.
/// </summary>
/// <param name="hackerNewsHtmlContent">html content.</param>
/// <param name="pageSize">number of business entities to map.</param>
/// <returns>.</returns>
public IList <HackerNewsItem> ScrapeHackerNewsHtmlContent(string hackerNewsHtmlContent, int pageSize)
{
IList <HackerNewsItem> hackerNewsItem;
HtmlDocument htmlDocument = new HtmlDocument();
var sanitizer = new HtmlSanitizer();
sanitizer.AllowedAttributes.Add("id");
sanitizer.AllowedAttributes.Add("class");
sanitizer.KeepChildNodes = false;
var sanitized = sanitizer.SanitizeDocument(hackerNewsHtmlContent, "https://news.ycombinator.com/");
htmlDocument.LoadHtml(sanitized);
hackerNewsItem = ReadMainFields(htmlDocument, pageSize);
hackerNewsItem = ReadSecondaryFields(htmlDocument, pageSize, hackerNewsItem);
return(hackerNewsItem);
}
/// <summary>
/// Display a published article
/// </summary>
/// <param name="id">id of article</param>
/// <returns>View of article</returns>
public async Task <IActionResult> Article(Guid id)
{
var htmlSanitizer = new HtmlSanitizer(); //HTML sanitizer
var articleEntity = _dbContext.Articles //Get article
.FirstOrDefault(a => a.Id == id);
if (articleEntity == null) //if null return NotFound
{
return(NotFound());
}
else if (articleEntity.Status != Status.Published) //If not published return NotFound
{
return(NotFound());
}
var articleDto = //Map to Dto
Mapper.Map <GetArticleDto>(articleEntity);
var articleText = await _fileRepository //Load article file
.GetArticle(articleEntity.ArticlePath);
articleText = MarkdownParser.Parse(articleText).ToString(); //Parse MarkDown
articleDto.ArticleText = htmlSanitizer //Sanatize and add to DTO
.SanitizeDocument(articleText);
return(View(articleDto)); //return view of DTO
}
public async Task <IActionResult> PreviewArticle(Guid id)
{
var htmlSanitizer = new HtmlSanitizer(); //HTML Sanitizer
var userEntity = await _userManager //Get logged in user's db entry
.GetUserAsync(User);
var articleInfo = _dbContext.Articles //Get all articles
.FirstOrDefault(a => a.Id == id && //That match the Id in the route
a.AuthorId == userEntity.Id); //and is submited by current user
if (articleInfo == null) //if null return not found
{
return(NotFound());
}
var articleText = await _fileRepository //Read article file from disk
.GetArticle(articleInfo.ArticlePath);
articleText = MarkdownParser //parse markdown
.Parse(articleText)
.ToString();
articleText = htmlSanitizer //sanitize
.SanitizeDocument(articleText);
return(View(articleText)); //return View of Article Dto
}
