public string GetInlineAttributes()
{
var attributes = new StringBuilder();
foreach (string attribute in Attributes.Keys)
{
if (!attribute.IsOneOf("anonymous", "style"))
{
// #1019618 #SWAT-125 - escape not only the single quote but also all characters to avoid poorly generated HTML
var escapedAttribute = BuiltInFunction.EncodeHtmlAttribute(Attributes[attribute]);
attributes.Append(attribute + "='" + escapedAttribute + "' ");
}
}
return(attributes.ToString());
}
public string GetStyle()
{
return(Style.Value.IsEmpty() ? "" : " " + BuiltInFunction.EncodeHtmlAttribute(Style.Value));
}
public string GetCssClass()
{
return(CssClass.IsEmpty() ? "" : " " + BuiltInFunction.EncodeHtmlAttribute(CssClass));
}