当前位置: 首页>>代码示例>>C#>>正文


C# HtmlSanitizer类代码示例

本文整理汇总了C#中HtmlSanitizer的典型用法代码示例。如果您正苦于以下问题:C# HtmlSanitizer类的具体用法?C# HtmlSanitizer怎么用?C# HtmlSanitizer使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


HtmlSanitizer类属于命名空间,在下文中一共展示了HtmlSanitizer类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。

示例1: XSSLocatorTest

        public void XSSLocatorTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();

            // Act
            string htmlFragment = "<a href=\"'';!--\"<XSS>=&{()}\">";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = @"<a href=""'';!--"">=&amp;{()}&quot;&gt;</a>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:13,代码来源:Tests.cs

示例2: ImageXSS2Test

        public void ImageXSS2Test()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<IMG SRC=javascript:alert('XSS')>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<IMG>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例3: AutoLinkTest

 public void AutoLinkTest()
 {
     var sanitizer = new HtmlSanitizer();
     var autolink = new AutoLink();
     sanitizer.PostProcessNode += (s, e) =>
     {
         var text = e.Node as IDomText;
         if (text != null)
         {
             var autolinked = autolink.Link(text.NodeValue);
             if (autolinked != text.NodeValue)
                 foreach (var node in CQ.Create(autolinked))
                     e.ReplacementNodes.Add(node);
         }
     };
     var html = @"<div>Click here: http://example.com/.</div>";
     Assert.That(sanitizer.Sanitize(html), Is.EqualTo(@"<div>Click here: <a href=""http://example.com/"">http://example.com/</a>.</div>").IgnoreCase);
     Assert.That(sanitizer.Sanitize("Check out www.google.com."), Is.EqualTo(@"Check out <a href=""http://www.google.com"">www.google.com</a>.").IgnoreCase);
 }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:19,代码来源:Tests.cs

示例4: XmlNamespaceXSSTest

        public void XmlNamespaceXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<HTML xmlns:xss>  <?import namespace=\"xss\" implementation=\"http://ha.ckers.org/xss.htc\">  <xss:xss>XSS</xss:xss></HTML>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例5: EmbedTagXSSTest

        public void EmbedTagXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<EMBED SRC=\"http://ha.ckers.org/xss.swf\" AllowScriptAccess=\"always\"></EMBED>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例6: AnchorTagStyleExpressionXSSTest

        public void AnchorTagStyleExpressionXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "exp/*<A STYLE='no\\xss:noxss(\"*//*\");xss:&#101;x&#x2F;*XSS*//*/*/pression(alert(\"XSS\"))'>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "exp/*<a></a>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例7: DivExpressionXSSTest

        public void DivExpressionXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<DIV STYLE=\"width: expression(alert('XSS'));\">";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<div></div>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例8: DivBackgroundImageWithUnicodedXSSTest

        public void DivBackgroundImageWithUnicodedXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = @"<DIV STYLE=""background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028\0027\0058\0053\0053\0027\0029'\0029"">";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<div></div>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例9: FrameXSSTest

        public void FrameXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例10: ImageNullBreaksUpXSSTest2

        public void ImageNullBreaksUpXSSTest2()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例11: ImageNullBreaksUpXSSTest1

        public void ImageNullBreaksUpXSSTest1()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<IMG SRC=java\0script:alert(\"XSS\")>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<img>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例12: ImageMultilineInjectedXSSTest

        public void ImageMultilineInjectedXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = @"<IMG
SRC
=
""
j
a
v
a
s
c
r
i
p
t
:
a
l
e
r
t
(
'
X
S
S
'
)
""
>
";

            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<img>\n";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:44,代码来源:Tests.cs

示例13: ImageEmbeddedCarriageReturnXSSTest

        public void ImageEmbeddedCarriageReturnXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<IMG SRC=\"jav&#x0D;ascript:alert('XSS');\">";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<img>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例14: ImageHexEncodeXSSTest

        public void ImageHexEncodeXSSTest()
        {
            // Arrange
            var sanitizer = new HtmlSanitizer();


            // Act
            string htmlFragment = "<IMG SRC=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29>";
            string actual = sanitizer.Sanitize(htmlFragment);

            // Assert
            string expected = "<img>";
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs

示例15: RussianTextTest

        public void RussianTextTest()
        {
            // Arrange
            var s = new HtmlSanitizer();

            // Act
            var htmlFragment = "Тест";
            var outputFormatter = new CsQuery.Output.FormatDefault(DomRenderingOptions.RemoveComments | DomRenderingOptions.QuoteAllAttributes, HtmlEncoders.Minimum);
            var actual = s.Sanitize(htmlFragment, "", outputFormatter);

            // Assert
            var expected = htmlFragment;
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:chaowlert,项目名称:HtmlSanitizer,代码行数:14,代码来源:Tests.cs


注:本文中的HtmlSanitizer类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。