Пример #1
        /// <summary>
        /// Reads the base URL from a rule set when it is a Ganss-specific rule set.
        /// </summary>
        /// <param name="ruleSet">Rule set to inspect.</param>
        /// <returns>
        /// The rule set's <c>BaseUrl</c> when it implements
        /// <c>IGanssHtmlSanitizationRuleSet</c>; otherwise <c>null</c>.
        /// </returns>
        private string GetBaseUrl(IHtmlSanitizationRuleSet ruleSet)
        {
            // A failed cast yields null, and the null-conditional access then returns null,
            // so rule sets of any other kind (and a null argument) produce no base URL.
            return (ruleSet as IGanssHtmlSanitizationRuleSet)?.BaseUrl;
        }
Пример #2
        /// <summary>
        /// Sanitizes HTML content, using the content's own rule set when it carries one.
        /// </summary>
        /// <param name="source">Content to sanitize; may be <c>null</c>.</param>
        /// <returns>
        /// <see cref="string.Empty"/> when <paramref name="source"/> is <c>null</c>; otherwise
        /// whatever the string overload returns for the trimmed text of the content.
        /// </returns>
        public string Sanitize(IHtmlContent source)
        {
            if (source == null)
            {
                return string.Empty;
            }

            // Content implementing ICustomSanitizationHtmlString supplies its own rule set;
            // for anything else this stays null and is passed on as null.
            IHtmlSanitizationRuleSet contentRuleSet =
                (source as ICustomSanitizationHtmlString)?.SanitizationRuleSet;

            // NOTE(review): the text that gets sanitized is whatever ToString() returns.
            // Confirm that every IHtmlContent implementation passed here returns its markup
            // from ToString(); otherwise the sanitized text is not the markup that is rendered.
            string markup = source.ToString()?.Trim();

            return Sanitize(markup, contentRuleSet);
        }
Пример #3
        /// <summary>
        /// Builds a Ganss.XSS sanitizer whose allow-lists come from the given rule set.
        /// </summary>
        /// <param name="ruleSet">
        /// Source of the permitted tags, schemes, attributes, URI attributes and CSS properties.
        /// It is dereferenced without a null check.
        /// </param>
        /// <returns>A new sanitizer instance; nothing is cached between calls.</returns>
        private Ganss.XSS.HtmlSanitizer CreateSanitizer(IHtmlSanitizationRuleSet ruleSet)
        {
            // NOTE(review): as far as I know, the Ganss.XSS constructor substitutes its built-in
            // default list for any argument that is null, so a rule set that leaves a Permitted*
            // member null would widen the allow-list instead of emptying it. Confirm against the
            // library version in use.
            var permittedTags          = ruleSet.PermittedTags;
            var permittedSchemes       = ruleSet.PermittedSchemes;
            var permittedAttributes    = ruleSet.PermittedAttributes;
            var permittedUriAttributes = ruleSet.PermittedUriAttributes;
            var permittedCssProperties = ruleSet.PermittedCssProperties;

            var htmlSanitizer = new Ganss.XSS.HtmlSanitizer(
                permittedTags,
                permittedSchemes,
                permittedAttributes,
                permittedUriAttributes,
                permittedCssProperties);

            // Ganss-specific rule sets receive the finished sanitizer and can configure it
            // further. What Initialize changes is not visible from this method.
            (ruleSet as IGanssHtmlSanitizationRuleSet)?.Initialize(htmlSanitizer);

            return htmlSanitizer;
        }
Пример #4
        /// <summary>
        /// Sanitizes an HTML string with the default sanitizer or with one built from a rule set.
        /// </summary>
        /// <param name="source">Markup to sanitize.</param>
        /// <param name="ruleSet">
        /// Optional rule set. When <c>null</c>, the default sanitizer and default base URL are used.
        /// </param>
        /// <returns>
        /// <c>null</c> when <paramref name="source"/> is null, empty or whitespace; otherwise the
        /// sanitizer's output.
        /// </returns>
        public string Sanitize(string source, IHtmlSanitizationRuleSet ruleSet = null)
        {
            // Blank input yields null here, not an empty string; callers must handle null.
            if (string.IsNullOrWhiteSpace(source))
            {
                return null;
            }

            if (ruleSet != null)
            {
                // A custom rule set gets a sanitizer built for this call, plus its own base URL
                // when the rule set provides one.
                var customSanitizer = CreateSanitizer(ruleSet);
                var customBaseUrl   = GetBaseUrl(ruleSet);

                return customSanitizer.Sanitize(source, customBaseUrl);
            }

            return _defaultSanitizer.Sanitize(source, _defaultBaseUrl);
        }