/// <summary>
/// HTML-encodes <paramref name="value"/> and writes the encoded text to the output.
/// </summary>
/// <param name="value">Text to encode and write; <c>null</c> produces no output.</param>
public virtual void Write(string value)
{
    if (value != null)
    {
        // Encode exactly once here, then pass the already-encoded text to WriteLiteral.
        var encoded = HtmlEncoder.Encode(value);
        WriteLiteral(encoded);
    }
}
/// <summary>
/// Adds a segment to the title and returns all segments.
/// </summary>
/// <param name="segment">The segment to add to the title. It is HTML-encoded before being stored; null or empty adds nothing.</param>
/// <param name="position">Optional. The position of the segment in the title.</param>
/// <param name="separator">The html string that should separate all segments. It is passed on unchanged.</param>
/// <returns>An <see cref="IHtmlContent"/> instance representing the full title.</returns>
public IHtmlContent RenderTitleSegments(string segment, string position = "0", IHtmlContent separator = null)
{
    if (String.IsNullOrEmpty(segment))
    {
        return Title.GenerateTitle(separator);
    }

    // The HtmlString wrapper is built from the encoded segment, never from the raw text.
    // The separator is IHtmlContent and is not encoded here, so the caller owns its markup.
    var encodedSegment = new HtmlString(HtmlEncoder.Encode(segment));
    Title.AddSegment(encodedSegment, position);

    return Title.GenerateTitle(separator);
}
/// <summary>
/// HTML-encodes <paramref name="value"/> and appends it to <paramref name="writer"/> via WriteLiteralTo.
/// </summary>
/// <param name="writer">The buffer that receives the encoded text.</param>
/// <param name="value">Text to encode; <c>null</c> appends nothing.</param>
protected void WriteTo(StringBuilder writer, string value)
{
    if (value != null)
    {
        // WriteLiteralTo receives text that has already been encoded.
        var encoded = HtmlEncoder.Encode(value);
        WriteLiteralTo(writer, encoded);
    }
}
/// <summary>
/// Renders a <c>div</c> containing the machine name and/or OS description,
/// depending on <c>IncludeMachine</c> and <c>IncludeOS</c>.
/// </summary>
/// <param name="context">Tag helper context (not read here).</param>
/// <param name="output">The output whose tag name, tag mode and content are set.</param>
public override void Process(TagHelperContext context, TagHelperOutput output)
{
    output.TagName = "div";
    output.TagMode = TagMode.StartTagAndEndTag;

    // The labels are fixed markup; only the environment-supplied values go through the encoder,
    // because the finished string is handed to SetHtmlContent as HTML.
    // NOTE(review): this puts the host name and OS description into the page; confirm the
    // pages using this tag helper are limited to users who should see that.
    var markup = new StringBuilder();

    if (IncludeMachine)
    {
        var machine = _htmlEncoder.Encode(Environment.MachineName);
        markup.Append(" <strong>Machine</strong> ");
        markup.Append(machine);
    }

    if (IncludeOS)
    {
        var os = _htmlEncoder.Encode(RuntimeInformation.OSDescription);
        markup.Append(" <strong>OS</strong> ");
        markup.Append(os);
    }

    output.Content.SetHtmlContent(markup.ToString());
}
/// <summary>
/// Stores the posted visitor (when a database context is available) and returns an
/// HTML-encoded greeting for it.
/// </summary>
/// <param name="visitor">The visitor bound from the request body.</param>
/// <returns>A single-element sequence holding the encoded greeting.</returns>
public IEnumerable<string> Post([FromBody] MobileConnector visitor)
{
    // NOTE(review): the request body is bound straight to the object that is saved, so every
    // bindable property on MobileConnector is client-controlled. Consider binding to a
    // narrower input model and copying only the expected fields.
    if (_dbContext != null)
    {
        _dbContext.Visitors.Add(visitor);
        _dbContext.SaveChanges();
    }

    // NOTE(review): visitor is not null-checked; an empty or unparsable body is presumably
    // able to reach this line as null. Verify against the model-binding configuration.
    var greeting = _htmlEncoder.Encode("Hello " + visitor.Name);

    return new string[] { greeting };
}
/// <summary>
/// Encodes <paramref name="value"/> with <paramref name="encoder"/> and writes the result to
/// <paramref name="writer"/>. Null or empty input writes nothing.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder applied to the whole value.</param>
/// <param name="value">Text to encode and write.</param>
private static void WriteTo(TextWriter writer, HtmlEncoder encoder, string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return;
    }

    // Perf: encode the whole string in one call instead of writing it character-by-character,
    // which isn't efficient when using a writer backed by a ViewBuffer.
    writer.Write(encoder.Encode(value));
}
/// <summary>
/// Demonstrates the injected encoders: encodes one sample script string with the HTML
/// encoder and with the JavaScript encoder and passes both results to the "index" view.
/// </summary>
/// <returns>The "index" view with the two encoded strings as its model.</returns>
public IActionResult Index() // injecting encoder in controller
{
    const string xssScript = "<script>alert('XSS')</script>";

    // Each encoder targets one output context: HTML text versus a JavaScript string.
    // NOTE(review): if the view prints these model values with the normal Razor @ syntax they
    // are HTML-encoded a second time; confirm how the view renders them.
    var encodedScripts = new List<string>
    {
        _htmlEncoder.Encode(xssScript),
        _javaScriptEncoder.Encode(xssScript),
    };

    return View("index", encodedScripts);
}
/// <summary>
/// Writes <c>Value</c> to <paramref name="writer"/>, encoded with <paramref name="encoder"/>
/// when one is supplied.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder to apply, or <c>null</c> to write <c>Value</c> as-is.</param>
public void WriteTo(TextWriter writer, HtmlEncoder encoder)
{
    if (encoder != null)
    {
        writer.Write(encoder.Encode(Value));
        return;
    }

    // NOTE(review): a null encoder means Value is written with no encoding at all. A caller
    // that passes null by accident gets raw output, so check that every null call site
    // intends that and that Value is trusted markup there.
    writer.Write(Value);
}
/// <summary>
/// Encodes the order description (JavaScript encoder first, then HTML encoder) and forwards
/// the order to the order service.
/// </summary>
/// <param name="orderToUpdate">The order data to apply.</param>
/// <returns>A 200 response carrying the service result.</returns>
public async Task<IActionResult> UpdateOrder(OrderDTO orderToUpdate)
{
    var description = orderToUpdate.Description;
    if (description != null)
    {
        // NOTE(review): the description is encoded on the way in and the encoded form is what
        // the service receives. Two stacked encoders produce text that matches neither output
        // context exactly, and any view that encodes on output will encode it again. The
        // usual arrangement is to store the original text and encode at the point of output
        // for the context in use.
        var jsEncoded = _javaScriptEncoder.Encode(description);
        orderToUpdate.Description = _htmlEncoder.Encode(jsEncoded);
    }

    var order = await _orderServices.UpdateOrder(orderToUpdate);

    return StatusCode(200, order);
}
/// <summary>
/// Checks that encoding <paramref name="input"/> yields <paramref name="expected"/>.
/// </summary>
/// <param name="input">Text given to the encoder.</param>
/// <param name="expected">The encoded text the encoder must return.</param>
public void EncodeTest(string input, string expected)
{
    // Arrange
    var encoderUnderTest = new HtmlEncoder();

    // Act
    var actual = encoderUnderTest.Encode(input);

    // Assert
    Assert.Equal(expected, actual);
}
/// <summary>
/// Runs a full-text documentation search for <paramref name="keyword"/> and prepares the
/// highlight fragments for display.
/// </summary>
/// <param name="keyword">The search text supplied with the request.</param>
/// <returns>A redirect to "Index" when full search is disabled, otherwise the page.</returns>
public virtual async Task <IActionResult> OnGetAsync(string keyword)
{
    if (!await _documentAppService.FullSearchEnabledAsync())
    {
        return(RedirectToPage("Index"));
    }

    // NOTE(review): keyword is stored and sent to the search service as received; any length
    // or content limits are presumably enforced by the service. Verify.
    KeyWord = keyword;

    Project = await _projectAppService.GetAsync(ProjectName);

    var output = await _projectAppService.GetVersionsAsync(Project.ShortName);

    var versions = output.Items.ToList();

    // Resolve the "latest" alias to a concrete version before searching.
    if (versions.Any() && string.Equals(Version, DocsAppConsts.Latest, StringComparison.OrdinalIgnoreCase))
    {
        // The (long) cast unboxes the stored property, so it throws InvalidCastException when
        // the stored value is not a boxed long.
        if ((!Project.ExtraProperties.ContainsKey("GithubVersionProviderSource") ||
             (GithubVersionProviderSource)(long)Project.ExtraProperties["GithubVersionProviderSource"] == GithubVersionProviderSource.Releases) &&
            !string.IsNullOrEmpty(Project.LatestVersionBranchName))
        {
            Version = Project.LatestVersionBranchName;
        }
        else
        {
            // Prefer the first version that is not a pre-release; otherwise take the first one.
            Version = (versions.FirstOrDefault(v => !SemanticVersionHelper.IsPreRelease(v.Name)) ?? versions.First()).Name;
        }
    }

    SearchOutputs = await _documentAppService.SearchAsync(new DocumentSearchInput
    {
        ProjectId = Project.Id,
        Context = KeyWord,
        LanguageCode = LanguageCode,
        Version = Version
    });

    // Each fragment is HTML-encoded while its <highlight> markers are kept as markup: the
    // markers are swapped for per-request GUID strings, the whole fragment is encoded, and the
    // GUID strings are swapped back. All other markup in a fragment ends up encoded.
    // This relies on _encoder leaving the GUID text (hex digits and hyphens) unchanged.
    // NOTE(review): a literal "<highlight>" that is already part of the indexed text is
    // restored as a tag too. The effect is limited to that one tag name.
    var highlightTag1 = Guid.NewGuid().ToString();
    var highlightTag2 = Guid.NewGuid().ToString();
    foreach (var searchOutput in SearchOutputs)
    {
        for (var i = 0; i < searchOutput.Highlight.Count; i++)
        {
            searchOutput.Highlight[i] = _encoder
                .Encode(searchOutput.Highlight[i].Replace("<highlight>", highlightTag1)
                    .Replace("</highlight>", highlightTag2))
                .Replace(highlightTag1, "<highlight>").Replace(highlightTag2, "</highlight>");
        }
    }

    return(Page());
}
/// <summary>
/// Simple HTML encoder example: encodes a sample string and stores it as the view title.
/// </summary>
/// <returns>The default view for this action.</returns>
public IActionResult About()
{
    // Simple code example for HTML encoder
    const string example = "\"Quoted Value with spaces and &\"";

    // NOTE(review): the value is encoded here, before it reaches the view. If the view or
    // layout prints ViewData["Title"] with the normal Razor @ syntax it is encoded again and
    // the entities appear as literal text; confirm how the title is rendered.
    ViewData["Title"] = _htmlEncoder.Encode(example);

    return View();
}
/// <summary>
/// Adds the given <paramref name="classValue"/> to the <paramref name="tagHelperOutput"/>'s
/// <see cref="TagHelperOutput.Attributes"/>.
/// </summary>
/// <param name="tagHelperOutput">The <see cref="TagHelperOutput"/> this method extends.</param>
/// <param name="classValue">The class value to add. Null or empty is ignored.</param>
/// <param name="htmlEncoder">The current HTML encoder.</param>
/// <exception cref="ArgumentNullException"><paramref name="tagHelperOutput"/> is null.</exception>
/// <exception cref="ArgumentException">
/// <paramref name="classValue"/> contains a space character, either raw or in its encoded form.
/// </exception>
public static void AddClass(
    this TagHelperOutput tagHelperOutput,
    string classValue,
    HtmlEncoder htmlEncoder)
{
    if (tagHelperOutput == null)
    {
        throw new ArgumentNullException(nameof(tagHelperOutput));
    }

    if (string.IsNullOrEmpty(classValue))
    {
        return;
    }

    // Encoded forms of every space character except U+0020.
    // NOTE(review): htmlEncoder is dereferenced here without a null check.
    var encodedSpaceChars = SpaceChars.Where(x => !x.Equals('\u0020')).Select(x => htmlEncoder.Encode(x.ToString())).ToArray();

    // Reject a value that contains a space character, raw or already encoded: the class
    // attribute is split on these characters below, so such a value would not be one class.
    if (SpaceChars.Any(classValue.Contains) ||
        encodedSpaceChars.Any(value => classValue.IndexOf(value, StringComparison.Ordinal) >= 0))
    {
        throw new ArgumentException(Resources.ArgumentCannotContainHtmlSpace, nameof(classValue));
    }

    if (!tagHelperOutput.Attributes.TryGetAttribute("class", out TagHelperAttribute classAttribute))
    {
        // No class attribute yet: the value is added as a plain string, not as an HtmlString.
        // NOTE(review): presumably a plain string value is encoded when rendered. Confirm.
        tagHelperOutput.Attributes.Add("class", classValue);
    }
    else
    {
        var currentClassValue = ExtractClassValue(classAttribute, htmlEncoder);

        // Comparisons below are made on the encoded form of the new class.
        var encodedClassValue = htmlEncoder.Encode(classValue);

        if (string.Equals(currentClassValue, encodedClassValue, StringComparison.Ordinal))
        {
            return;
        }

        // Split the existing value on raw space characters and then on their encoded forms.
        var arrayOfClasses = currentClassValue.Split(SpaceChars, StringSplitOptions.RemoveEmptyEntries)
            .SelectMany(perhapsEncoded => perhapsEncoded.Split(encodedSpaceChars, StringSplitOptions.RemoveEmptyEntries))
            .ToArray();

        // Already present: nothing to add.
        if (arrayOfClasses.Contains(encodedClassValue, StringComparer.Ordinal))
        {
            return;
        }

        // The merged value is wrapped in HtmlString; the new class is in its encoded form, and
        // the existing value is whatever ExtractClassValue returned for the current attribute.
        var newClassAttribute = new TagHelperAttribute(
            classAttribute.Name,
            new HtmlString($"{currentClassValue} {encodedClassValue}"),
            classAttribute.ValueStyle);

        tagHelperOutput.Attributes.SetAttribute(newClassAttribute);
    }
}
/// <summary>
/// Formats the buffered token text with <paramref name="arguments"/> and writes the
/// HTML-encoded result to <paramref name="writer"/>.
/// </summary>
/// <param name="tokenBuffer">Format text collected so far; null or empty writes nothing.</param>
/// <param name="arguments">Values substituted into the format text.</param>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder applied to the formatted text.</param>
private static void AppendToOutput(
    StringBuilder tokenBuffer,
    object[] arguments,
    TextWriter writer,
    HtmlEncoder encoder)
{
    if (tokenBuffer == null || tokenBuffer.Length == 0)
    {
        return;
    }

    // Encoding runs after formatting, so both the format text and the substituted
    // arguments are encoded.
    var formatted = string.Format(tokenBuffer.ToString(), arguments);
    encoder.Encode(writer, formatted);
}
/// <summary>
/// Handles the edit form: for a valid model, encodes the customer name and redirects to
/// "Index"; otherwise shows the form again with the posted data.
/// </summary>
/// <param name="customerSearchMvcResponseData">The posted model.</param>
/// <returns>A redirect to "Index" on success, or the edit view with the posted model.</returns>
public ActionResult Edit(CustomerSearchMvcResponseModel customerSearchMvcResponseData)
{
    if (!ModelState.IsValid)
    {
        return View(customerSearchMvcResponseData);
    }

    // NOTE(review): the name is encoded on input, so the encoded form is what any later
    // update would store, and a view that encodes on output will encode it again. Output
    // encoding in the view is the usual place for this.
    // NOTE(review): a null CustomerName is presumably possible unless validation requires it;
    // check what the encoder does with null.
    var encodedName = _htmlEncoder.Encode(customerSearchMvcResponseData.CustomerName);
    customerSearchMvcResponseData.CustomerName = encodedName;

    // Update the employee...

    // Display a confirmation and redirect to a better view.
    return RedirectToAction("Index");
}
/// <summary>
/// Sets the "title" member of <paramref name="rpcStruct"/> to the encoded title of
/// <paramref name="contentItem"/>, when the item has a <c>TitlePart</c>.
/// </summary>
/// <param name="rpcStruct">The struct being built.</param>
/// <param name="context">XML-RPC context (not read here).</param>
/// <param name="contentItem">The content item supplying the title.</param>
public override void BuildPost(XRpcStruct rpcStruct, XmlRpcContext context, ContentItem contentItem)
{
    var titlePart = contentItem.As<TitlePart>();

    if (titlePart != null)
    {
        // The title is encoded before it is placed in the struct.
        var encodedTitle = _encoder.Encode(titlePart.Title);
        rpcStruct.Set("title", encodedTitle);
    }
}
/// <summary>
/// Applies the HTML encoder, then the JavaScript encoder, then removes any remaining
/// <c>&lt;script&gt;</c> blocks from the result.
/// </summary>
/// <param name="ValueToEncode">The text to process.</param>
/// <returns>The processed text.</returns>
public string EncodeString(string ValueToEncode)
{
    // NOTE(review): each encoder is meant for one output context. Chaining them produces text
    // that is not the correct encoding for either context on its own; encoding once, at the
    // point of output, for the context in use is the more reliable arrangement.
    var htmlEncoded = _htmlEncoder.Encode(ValueToEncode);
    // ValueToEncode = _urlEncoder.Encode(ValueToEncode);
    var jsEncoded = _javaScriptEncoder.Encode(htmlEncoded);

    // NOTE(review): with the default encoders no literal '<' survives the two steps above, so
    // this pattern presumably never matches. Tag stripping by regex is not a substitute for
    // encoding in any case. The Regex is built on every call and has no match timeout.
    var scriptBlock = new Regex(@"<script[^>]*>[\s\S]*?</script>");

    return scriptBlock.Replace(jsEncoded, "");
}
/// <summary>
/// Checks that encoding <paramref name="input"/> leaves the output buffer null or whitespace.
/// </summary>
/// <param name="input">The input supplied by the test data.</param>
public void Encode_OnEmptyString_ReturnEmptyString(string input)
{
    // Arrange
    var buffer = new StringBuilder();
    var extra = new ArrayList();

    // Act
    HtmlEncoder.Encode(input, buffer, extra);

    // Assert
    buffer.ToString().ShouldBeNullOrWhiteSpace();
}
/// <summary>
/// Checks that encoding <paramref name="input"/> into a writer yields <paramref name="expected"/>.
/// </summary>
/// <param name="input">Text given to the encoder.</param>
/// <param name="expected">The text the writer must contain afterwards.</param>
public void EncodeTest(string input, string expected)
{
    // Arrange
    var encoderUnderTest = new HtmlEncoder(CultureInfo.InvariantCulture);

    using (var writer = new StringWriter())
    {
        // Act
        encoderUnderTest.Encode(input, writer);

        // Assert
        var actual = writer.ToString();
        Assert.Equal(expected, actual);
    }
}
/// <summary>
/// Appends one HTML table row to the log buffer, with one cell per message part.
/// </summary>
/// <param name="logPriority">Priority used to pick the text color.</param>
/// <param name="msg">The message parts; each becomes one encoded cell.</param>
public override void WriteLine(LogPriority logPriority, string[] msg)
{
    // NOTE(review): the color goes into the style attribute without encoding. That is fine
    // only while GetColor returns fixed values. Verify.
    string color = GetColor(logPriority);

    sb.Append("<tr style=\"vertical-align: top\">");

    for (var index = 0; index < msg.Length; index++)
    {
        // Log text is encoded before it is wrapped in markup, so markup inside a message is
        // shown as text in the report.
        var cellText = "<pre>" + htmlEncoder.Encode(msg[index]) + "</pre>";
        sb.AppendLine("<td><div style=\"color: " + color + "\">" + cellText + "</div></td>");
    }

    sb.Append("</tr>");
}
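/// <summary>
/// Writes every attribute in this collection as <c> name="value"</c>, with the value
/// HTML-encoded.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder applied to each attribute value.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="writer"/> or <paramref name="encoder"/> is null.
/// </exception>
public void WriteTo(TextWriter writer, HtmlEncoder encoder)
{
    if (writer == null)
    {
        throw new ArgumentNullException(nameof(writer));
    }

    if (encoder == null)
    {
        throw new ArgumentNullException(nameof(encoder));
    }

    foreach (KeyValuePair<String, Object> attribute in this)
    {
        // A null value (or a ToString() that returns null) is written as an empty attribute
        // value. Passing null to the encoder would throw and abort the whole attribute list.
        var text = attribute.Value?.ToString() ?? String.Empty;

        // NOTE(review): the attribute name is written as-is; only the value is encoded.
        // Keys are presumably fixed by application code. Verify that no key comes from
        // request data.
        writer.Write(" ");
        writer.Write(attribute.Key);
        writer.Write("=\"");
        writer.Write(encoder.Encode(text));
        writer.Write("\"");
    }
}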
/// <summary>
/// Writes "{left} {right}" to <paramref name="writer"/>, leaving out whichever side is empty.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder used for plain-string values.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="writer"/> or <paramref name="encoder"/> is null.
/// </exception>
public void WriteTo(TextWriter writer, HtmlEncoder encoder)
{
    ArgumentNullException.ThrowIfNull(writer);
    ArgumentNullException.ThrowIfNull(encoder);

    // Write out "{left} {right}" in the common nothing-empty case.
    var leftWritten = false;

    if (_left is IHtmlContent leftContent)
    {
        // Ignore case where the content is HtmlString.Empty. At worst, will add a leading
        // space to the generated attribute value.
        // IHtmlContent writes itself with the supplied encoder.
        leftContent.WriteTo(writer, encoder);
        leftWritten = true;
    }
    else if (_left != null)
    {
        // Any other object is turned into a string and encoded here.
        var leftText = _left.ToString();
        if (!string.IsNullOrEmpty(leftText))
        {
            encoder.Encode(writer, leftText);
            leftWritten = true;
        }
    }

    if (string.IsNullOrEmpty(_right))
    {
        return;
    }

    if (leftWritten)
    {
        writer.Write(' ');
    }

    encoder.Encode(writer, _right);
}
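/// <summary>
/// Shows the feed, filtered by the search text from the query string when there is one.
/// </summary>
/// <param name="searchViewModel">Search parameters bound from the query string.</param>
/// <returns>The feed view with the matching posts and the search object.</returns>
public IActionResult Index([FromQuery] SearchViewModel searchViewModel)
{
    // Read the search text once, null-safely. The original dereferenced searchViewModel for
    // the query and only afterwards guarded it with ?., so a null model failed before the
    // guard was reached.
    var searchInput = searchViewModel?.SearchInput;

    var posts = _postsBll.GetAll(searchInput)
        .Select(p => p.ToViewModel());

    if (searchInput != null)
    {
        // NOTE(review): SearchSafe holds pre-encoded text. It is safe to print raw, but it
        // will be encoded twice if the view prints it with the normal Razor @ syntax.
        // Confirm how the view renders it.
        searchViewModel.SearchSafe = _htmlEncoder.Encode(searchInput);
    }

    return View(new FeedPageViewModel
    {
        Posts = posts,
        SearchObject = searchViewModel
    });
}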
/// <summary>
/// Writes the fortunes as an HTML table directly to the response.
/// </summary>
/// <param name="model">The fortunes to render, one table row each.</param>
/// <param name="httpContext">The context whose response is written.</param>
/// <param name="htmlEncoder">Encoder applied to every id and message.</param>
public static async Task RenderFortunesHtml(IEnumerable<IFortune> model, HttpContext httpContext, HtmlEncoder htmlEncoder)
{
    var response = httpContext.Response;
    response.StatusCode = StatusCodes.Status200OK;
    response.ContentType = "text/html; charset=UTF-8";

    await response.WriteAsync("<!DOCTYPE html><html><head><title>Fortunes</title></head><body><table><tr><th>id</th><th>message</th></tr>");

    foreach (IFortune item in model)
    {
        // The markup is assembled by hand, so every data value is encoded before it is
        // placed between the tags.
        var id = htmlEncoder.Encode(item.Id.ToString());
        var message = htmlEncoder.Encode(item.Message);
        await response.WriteAsync($"<tr><td>{id}</td><td>{message}</td></tr>");
    }

    await response.WriteAsync("</table></body></html>");
}
/// <summary>
/// Writes this value to <paramref name="writer"/>: an <c>HtmlTextWriter</c> receives the
/// object itself, any other writer receives the encoded first segment followed by the
/// second segment.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="encoder">Encoder applied to the first segment.</param>
public void WriteTo(TextWriter writer, HtmlEncoder encoder)
{
    if (writer is HtmlTextWriter htmlTextWriter)
    {
        htmlTextWriter.Write(this);
        return;
    }

    encoder.Encode(writer, _firstSegment, 0, _firstSegmentLength);

    // NOTE(review): the second segment is written without encoding. Presumably it is already
    // encoded or is trusted markup. Confirm where _secondSegment is assigned.
    writer.Write(_secondSegment);
}
/// <summary>
/// Builds the inner HTML of the item: a link when <c>Href</c> is set, otherwise the encoded
/// title, in which case <c>aria-current="page"</c> is also added to the output.
/// </summary>
/// <param name="context">Tag helper context (not read here).</param>
/// <param name="output">The output that receives the <c>aria-current</c> attribute.</param>
/// <returns>The inner HTML as a string.</returns>
protected virtual string GetInnerHtml(TagHelperContext context, TagHelperOutput output)
{
    if (!string.IsNullOrWhiteSpace(TagHelper.Href))
    {
        var link = new TagBuilder("a");

        // NOTE(review): Href is used as given and its scheme is not checked here. That is
        // fine for developer-written markup; add a scheme check if the value can come from
        // stored or user-supplied data.
        link.Attributes.Add("href", TagHelper.Href);

        // The title is added with Append (text), not AppendHtml.
        link.InnerHtml.Append(TagHelper.Title);

        return link.ToHtmlString();
    }

    // No link: this is the current page, and the title is encoded explicitly because the
    // method returns a raw string.
    output.Attributes.Add("aria-current", "page");

    return _encoder.Encode(TagHelper.Title);
}
/// <summary>
/// Builds the opening markup of the pager, with the localized "showing from/to/total" block
/// in front when <c>ShowInfo</c> is true.
/// </summary>
/// <param name="context">Tag helper context (not read here).</param>
/// <param name="output">Tag helper output (not read here).</param>
/// <returns>The opening tags as a string.</returns>
protected virtual string GetOpeningTags(TagHelperContext context, TagHelperOutput output)
{
    var localizer = _stringLocalizerFactory.Create(typeof(AbpUiResource));

    var pagerInfo = "";
    if (TagHelper.ShowInfo ?? false)
    {
        // The localized text is encoded after its arguments are filled in, so neither the
        // resource string nor the numbers can add markup.
        pagerInfo =
            " <div class=\"col-sm-12 col-md-5\"> " +
            _encoder.Encode(localizer["PagerInfo{0}{1}{2}", TagHelper.Model.ShowingFrom, TagHelper.Model.ShowingTo, TagHelper.Model.TotalItemsCount]) +
            "</div>\r\n";
    }

    return string.Concat(
        pagerInfo,
        " <div class=\"col-sm-12 col-md-7\">\r\n",
        " <nav aria-label=\"Page navigation\">\r\n",
        " <ul class=\"pagination justify-content-end\">");
}
/// <summary>
/// Loads the session with the given id, computes its day offset from the earliest session
/// date, and converts the abstract into encoded HTML paragraphs.
/// </summary>
/// <param name="id">The session id.</param>
/// <returns>A redirect to "/Index" when the session does not exist, otherwise the page.</returns>
public async Task<IActionResult> OnGet(int id)
{
    Session = await _apiClient.GetSessionAsync(id);

    if (Session == null)
    {
        return RedirectToPage("/Index");
    }

    var allSessions = await _apiClient.GetSessionsAsync();

    var startDate = allSessions.Min(s => s.StartTime?.Date);

    DayOffset = Session.StartTime?.DateTime.Subtract(startDate ?? DateTimeOffset.MinValue).Days;

    if (string.IsNullOrEmpty(Session.Abstract))
    {
        return Page();
    }

    // The abstract is encoded first and only then split into paragraphs. The split uses the
    // encoded form of CR LF because that is how line breaks appear in the encoded text.
    // After this, Session.Abstract is markup in which the <p> tags are the only unencoded
    // content. The view has to print it raw.
    var encodedCrLf = _htmlEncoder.Encode("\r\n");
    var encodedAbstract = _htmlEncoder.Encode(Session.Abstract);
    var paragraphs = encodedAbstract.Split(encodedCrLf, StringSplitOptions.RemoveEmptyEntries);

    Session.Abstract = "<p>" + String.Join("</p><p>", paragraphs) + "</p>";

    return Page();
}
/// <inheritdoc />
public void WriteTo(TextWriter writer, HtmlEncoder encoder)
{
    if (writer is null)
    {
        throw new ArgumentNullException(nameof(writer));
    }

    if (encoder is null)
    {
        throw new ArgumentNullException(nameof(encoder));
    }

    // The stored input is always written through the encoder; there is no raw path.
    encoder.Encode(writer, _input);
}
/// <summary>
/// Replaces each <c>[bold]…[/bold]</c> span found in <paramref name="cardContent"/> with a
/// styled <c>&lt;b&gt;</c> element, encoding angle brackets inside the bold text.
/// </summary>
/// <param name="cardContent">The card text to transform.</param>
/// <param name="htmlEncoder">Encoder used for the angle brackets inside bold text.</param>
/// <param name="cardColor">The card color (see the review note in the body).</param>
/// <returns>
/// The transformed content; the unchanged content when nothing matches; an empty string when
/// the first match attempt times out.
/// </returns>
private string AlterCustomBoldWordsToBoldTags(string cardContent, HtmlEncoder htmlEncoder, CardColors cardColor)
{
    var result = string.Empty;

    try
    {
        // The match timeout bounds regex time on difficult input.
        var match = Regex.Match(cardContent, onScreenWhileEditing_BoldRegex_Pattern, RegexOptions.IgnoreCase | RegexOptions.Compiled, TimeSpan.FromSeconds(1));

        // From here on the content is returned even if no span matches.
        result = cardContent;

        for (; match.Success; match = match.NextMatch())
        {
            var rawBoldText = match.Groups["boldText"].Value;

            // NOTE(review): only '<' and '>' inside the bold text are encoded; '&' and quotes
            // are left as-is, and the text outside [bold] spans is not touched here.
            // Presumably the rest of the card is encoded elsewhere. Verify.
            var safeBoldText = rawBoldText
                .Replace("<", htmlEncoder.Encode("<"))
                .Replace(">", htmlEncoder.Encode(">"));

            // NOTE(review): nameof(cardColor) evaluates to the literal text "cardColor", not
            // to the value of the parameter, so the color declaration is always the same.
            var replacement = String.Concat($"<b style='font-family: ui-sans-serif; font-stretch: expanded; font-size: 125%; color:{nameof(cardColor)};'>", safeBoldText, "</b>");

            // NOTE(review): the match ignores case but this Replace is case-sensitive, so a
            // span written as [BOLD] is presumably matched yet left in place. Confirm against
            // the pattern.
            result = result.Replace($"[bold]{rawBoldText}[/bold]", replacement);
        }
    }
    catch (RegexMatchTimeoutException)
    {
        // A timeout on the first match leaves the result empty; a timeout on a later match
        // keeps the replacements made so far.
        Console.WriteLine("The matching operation timed out.");
    }

    return result;
}