C# (CSharp) AllowedTags示例

示例#1

文件： HtmlSanitizer.cs 项目： minton/HtmlSanitizer

        /// <summary>
        /// Sanitizes the specified HTML.
        /// </summary>
        /// <param name="html">The HTML to sanitize.</param>
        /// <param name="baseUrl">The base URL relative URLs are resolved against. No resolution if empty.</param>
        /// <returns>The sanitized HTML.</returns>
        public string Sanitize(string html, string baseUrl = "")
        {
            var dom = CQ.Create(html);

            dom["*"].Not(string.Join(",", AllowedTags.ToArray())).Remove();
            foreach (var tag in dom["*"])
            {
                foreach (var attribute in tag.Attributes.Where(a => !AllowedAttributesSet.Contains(a.Key)).ToList())
                {
                    tag.RemoveAttribute(attribute.Key);
                }

                foreach (var attribute in tag.Attributes.Where(a => UriAttributes.Contains(a.Key)).ToList())
                {
                    var url = SanitizeUrl(attribute.Value, baseUrl);
                    if (url == null)
                    {
                        tag.RemoveAttribute(attribute.Key);
                    }
                    else
                    {
                        tag.SetAttribute(attribute.Key, url);
                    }
                }

                SanitizeStyle(tag.Style, baseUrl);

                foreach (var attribute in tag.Attributes.ToList())
                {
                    if (JSInclude.IsMatch(attribute.Value))
                    {
                        tag.RemoveAttribute(attribute.Key);
                    }

                    var val = attribute.Value;
                    if (val.Contains('<'))
                    {
                        val = val.Replace("<", "&lt;"); tag.SetAttribute(attribute.Key, val);
                    }
                    if (val.Contains('>'))
                    {
                        val = val.Replace(">", "&gt;"); tag.SetAttribute(attribute.Key, val);
                    }
                }
            }

            var output = dom.Render(DomRenderingOptions.RemoveComments | DomRenderingOptions.QuoteAllAttributes);

            return(output);
        }

示例#2

        internal Md2HtmlSanitizer()
        {
            AllowedTags.Add(@"meta");
            AllowedTags.Add(@"style");

            AllowedAttributes.Add(@"content");
            AllowedAttributes.Add(@"http-equiv");

            AllowedCssProperties.Add(@"src");

            RemovingAtRule    += ChangedEvent;
            RemovingAttribute += ChangedEvent;
            RemovingCssClass  += ChangedEvent;
            RemovingStyle     += ChangedEvent;
            RemovingTag       += ChangedEvent;
        }

示例#3

文件： HtmlSanitizer.cs 项目： stoolball-england/stoolball-org-uk

 public HtmlSanitizer() : base()
 {
     AllowedTags.Clear();
     AllowedTags.Add("p");
     AllowedTags.Add("h2");
     AllowedTags.Add("strong");
     AllowedTags.Add("em");
     AllowedTags.Add("ul");
     AllowedTags.Add("ol");
     AllowedTags.Add("li");
     AllowedTags.Add("a");
     AllowedTags.Add("br");
     AllowedAttributes.Clear();
     AllowedAttributes.Add("href");
     AllowedCssProperties.Clear();
     AllowedAtRules.Clear();
 }

示例#4

        internal Md2HtmlSanitizer()
        {
            AllowedTags.Add(@"meta");
            AllowedTags.Add(@"style");

            AllowedAttributes.Add(@"content");
            AllowedAttributes.Add(@"http-equiv");
            AllowedAttributes.Add(@"id");
            AllowedAttributes.Add(@"class");

            AllowedCssProperties.Add(@"src");
            AllowedCssProperties.Add(@"word-break");
            AllowedCssProperties.Add(@"word-wrap");
            AllowedCssProperties.Add(@"-moz-tab-size");
            AllowedCssProperties.Add(@"-o-tab-size");
            AllowedCssProperties.Add(@"tab-size");
            AllowedCssProperties.Add(@"-webkit-hyphens");
            AllowedCssProperties.Add(@"-moz-hyphens");
            AllowedCssProperties.Add(@"-ms-hyphens");
            AllowedCssProperties.Add(@"hyphens");
            AllowedCssProperties.Add(@"background-position-x");
            AllowedCssProperties.Add(@"background-position-y");
            AllowedCssProperties.Add(@"transition-property");
            AllowedCssProperties.Add(@"transition-duration");
            AllowedCssProperties.Add(@"transition-timing-function");
            AllowedCssProperties.Add(@"transition-delay");
            AllowedCssProperties.Add(@"box-shadow");

            AllowedSchemes.Add(@"file");
            AllowedSchemes.Add(@"data");

            AllowedAtRules.Add(CssRuleType.Media);
            AllowedAtRules.Add(CssRuleType.Keyframe);
            AllowedAtRules.Add(CssRuleType.Keyframes);

            RemovingAtRule    += ChangedEvent;
            RemovingAttribute += ChangedEvent;
            RemovingCssClass  += ChangedEvent;
            RemovingStyle     += ChangedEvent;
            RemovingTag       += ChangedEvent;
        }

示例#5

 /// <summary>
 /// Determines whether the specified tag is allowed.
 /// </summary>
 /// <param name="tag">The tag.</param>
 /// <returns><c>true</c> if the tag is allowed; otherwise, <c>false</c>.</returns>
 private bool IsAllowedTag(IElement tag)
 {
     return(AllowedTags.Contains(tag.NodeName));
 }

示例#6

 /// <summary>
 /// Determines whether the specified tag is allowed.
 /// </summary>
 /// <param name="tag">The tag.</param>
 /// <returns><c>true</c> if the tag is allowed; otherwise, <c>false</c>.</returns>
 private bool IsAllowedTag(IDomNode tag)
 {
     return(AllowedTags.Contains(tag.NodeName));
 }

示例#7

文件： MarkupWriter.cs 项目： exbuzz/scraper

        public TagDefinition GetTagDefinition(string tagName)
        {
            TagDefinition td;

            return(AllowedTags.TryGetValue(tagName, out td) ? td : null);
        }