

C# Sanitizer.MarkupSanitizer类代码示例

本文整理汇总了C#中Roadkill.Core.Text.Sanitizer.MarkupSanitizer的典型用法代码示例。如果您正苦于以下问题:C# MarkupSanitizer类的具体用法?C# MarkupSanitizer怎么用?C# MarkupSanitizer使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


MarkupSanitizer类属于Roadkill.Core.Text.Sanitizer命名空间,在下文中一共展示了MarkupSanitizer类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。

示例1: AnchorTagContentReplaceXSSTest

        /// <summary>
        /// Sanitizes an anchor whose href nests one URL inside another
        /// ("www.go" + "http://www.google.com/" + "ogle.com/").
        /// The expected value keeps the whole attribute and entity-encodes its
        /// punctuation; nothing is stripped out of the value.
        /// </summary>
        public void AnchorTagContentReplaceXSSTest()
        {
            const string input = "<A HREF=\"http://www.gohttp://www.google.com/ogle.com/\">XSS</A>";
            const string expected = "<A HREF=\"http&#x3A;&#x2F;&#x2F;www&#x2E;gohttp&#x3A;&#x2F;&#x2F;www&#x2E;google&#x2E;com&#x2F;ogle&#x2E;com&#x2F;\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            // Case-insensitive comparison: tag and attribute casing is not pinned by this test.
            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例2: shoulddeserializewhitelistfromexistingxmlfile

		/// <summary>
		/// Points the settings at a whitelist.xml under the test base directory and
		/// sanitizes a fragment using the elements test, blah and a.
		/// The expected value keeps test and blah (with their attributes encoded) and
		/// drops the a element together with its inner text.
		/// </summary>
		public void shoulddeserializewhitelistfromexistingxmlfile()
		{
			// Whitelist file is resolved relative to the AppDomain base directory.
			string baseDirectory = AppDomain.CurrentDomain.BaseDirectory;
			var settings = new ApplicationSettings
			{
				HtmlElementWhiteListPath = Path.Combine(baseDirectory, "Unit", "Text", "whitelist.xml")
			};

			const string input = "<test href=\"http://www.google.com\">link</test> <blah id=\"myid\" class=\"class1 class2\">somediv</blah><a href=\"test\">test</a>";
			const string expected = "<test href=\"http&#x3A;&#x2F;&#x2F;www&#x2E;google&#x2E;com\">link</test> <blah id=\"myid\" class=\"class1&#x20;class2\">somediv</blah>";

			var sanitizer = new MarkupSanitizer(settings);
			// NOTE(review): presumably a dedicated cache key keeps this custom whitelist
			// from being mixed up with one cached by other tests - confirm in MarkupSanitizer.
			sanitizer.SetWhiteListCacheKey("ShouldDeserializeWhiteListFromExistingXmlFile");
			string sanitized = sanitizer.SanitizeHtml(input);

			Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
		}
开发者ID:RyanGroom,项目名称:roadkill,代码行数:18,代码来源:MarkupSanitizerTests.cs

示例3: GenerateTestXmlFile

		/// <summary>
		/// Serializes a two-element HtmlWhiteList (blah: id, class; test: href) to
		/// "test.xml". The method contains no assertions.
		/// </summary>
		public void GenerateTestXmlFile()
		{
			// Constructed as in the original; the instance is not used below.
			var unusedSanitizer = new MarkupSanitizer(_settings);

			// Relative path: the file lands in the current working directory, and
			// FileMode.Create overwrites any existing test.xml there.
			using (var output = new FileStream("test.xml", FileMode.Create, FileAccess.Write))
			{
				var xmlSerializer = new XmlSerializer(typeof(HtmlWhiteList));

				var allowedElements = new List<HtmlElement>
				{
					new HtmlElement("blah", new[] { "id", "class" }),
					new HtmlElement("test", new[] { "href" })
				};

				var whiteList = new HtmlWhiteList { ElementWhiteList = allowedElements };

				xmlSerializer.Serialize(output, whiteList);
			}
		}
开发者ID:RyanGroom,项目名称:roadkill,代码行数:22,代码来源:MarkupSanitizerTests.cs

示例4: AnchorTagUSASCIIEncodingXSSTest

        /// <summary>
        /// Sanitizes an href whose query string uses the characters U+00BC, U+00BE and
        /// U+00A2 in place of angle brackets and quotes around a script block.
        /// In the expected value the word "script" is absent and those characters
        /// appear as encoded numeric references (188, 190, 162).
        /// </summary>
        public void AnchorTagUSASCIIEncodingXSSTest()
        {
            const string input = "<A HREF=\"http://www.codeplex.com?url=¼script¾alert(¢XSS¢)¼/script¾\">XSS</A>";
            const string expected = "<A HREF=\"http&#x3A;&#x2F;&#x2F;www&#x2E;codeplex&#x2E;com&#x3F;url&#x3D;&#x26;&#x23;188&#x3B;&#x26;&#x23;190&#x3B;alert&#x28;&#x26;&#x23;162&#x3B;XSS&#x26;&#x23;162&#x3B;&#x29;&#x26;&#x23;188&#x3B;&#x2F;&#x26;&#x23;190&#x3B;\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例5: AnchorTagNonAlphaNonDigitXSSTest

        /// <summary>
        /// Sanitizes an href that embeds a SCRIPT tag using "/" instead of whitespace
        /// after the tag name, with its own quoted SRC attribute.
        /// The expected value has the word SCRIPT and the script URL removed and the
        /// leading "&lt;" encoded.
        /// </summary>
        public void AnchorTagNonAlphaNonDigitXSSTest()
        {
            const string input = "<A HREF=\"http://www.codeplex.com?url=<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>\">XSS</A>";

            // NOTE(review): the pinned output carries a stray "> after the closing quote of
            // HREF. The test records the sanitizer's exact output; it does not by itself show
            // that the result is well-formed markup.
            const string expected = "<A HREF=\"http&#x3A;&#x2F;&#x2F;www&#x2E;codeplex&#x2E;com&#x3F;url&#x3D;&#x26;lt&#x3B;&#x2F;XSS&#x20;SRC&#x3D;\">\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例6: DivNonAlphaNonDigit3XSSTest

        /// <summary>
        /// Sanitizes an unclosed Div whose style attribute embeds a SCRIPT tag written
        /// as "SCRIPT/SRC=" with a quoted URL.
        /// The expected value has the word SCRIPT and the script URL removed, the style
        /// text entity-encoded, and a closing Div tag appended.
        /// </summary>
        public void DivNonAlphaNonDigit3XSSTest()
        {
            const string input = "<Div style=\"background-color: http://www.codeplex.com?url=<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>\">";

            // NOTE(review): as pinned, a stray "> follows the closing quote of the style
            // attribute; the assertion fixes that exact output rather than its well-formedness.
            const string expected = "<Div style=\"background&#x2D;color&#x3A;&#x20;http&#x3A;&#x2F;&#x2F;www&#x2E;codeplex&#x2E;com&#x3F;url&#x3D;&#x26;lt&#x3B;&#x2F;SRC&#x3D;\">\"></Div>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例7: XmlWithCDataXSSTest

        /// <summary>
        /// Sanitizes an XML data island whose CDATA sections split a javascript: IMG
        /// source, followed by a SPAN that binds to it through DATASRC/DATAFLD/DATAFORMATAS.
        /// The expected value is a bare SPAN: the XML block is gone and the SPAN has no
        /// attributes left.
        /// </summary>
        public void XmlWithCDataXSSTest()
        {
            const string input = "<XML ID=I><X><C><![CDATA[<IMG SRC=\"javas]]><![CDATA[cript:alert('XSS');\">]]></C></X></xml><SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN>";
            const string expected = "<SPAN></SPAN>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例8: AnchorTagDownlevelHiddenBlockXSSTest

        /// <summary>
        /// Sanitizes an href that embeds an IE conditional comment wrapping a SCRIPT block.
        /// In the expected value the comment delimiters and angle brackets survive only as
        /// encoded text, and the word SCRIPT is absent from both the opening and closing tag.
        /// </summary>
        public void AnchorTagDownlevelHiddenBlockXSSTest()
        {
            const string input = "<A HREF=\"http://www.codeplex.com?url=<!--[if gte IE 4]><SCRIPT>alert('XSS');</SCRIPT><![endif]-->\">XSS</A>";
            const string expected = "<A HREF=\"http&#x3A;&#x2F;&#x2F;www&#x2E;codeplex&#x2E;com&#x3F;url&#x3D;&#x26;lt&#x3B;&#x21;&#x2D;&#x2D;&#x5B;if&#x20;gte&#x20;IE&#x20;4&#x5D;&#x26;gt&#x3B;&#x26;lt&#x3B;&#x26;gt&#x3B;alert&#x28;&#x26;&#x23;39&#x3B;XSS&#x26;&#x23;39&#x3B;&#x29;&#x3B;&#x26;lt&#x3B;&#x2F;&#x26;gt&#x3B;&#x26;lt&#x3B;&#x21;&#x5B;endif&#x5D;&#x2D;&#x2D;&#x26;gt&#x3B;\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例9: DivJavascriptEscapingXSSTest

        /// <summary>
        /// Sanitizes an unclosed div whose style attribute is closed early so that script
        /// text follows it inside the tag.
        /// The expected value keeps only the empty style attribute and adds a closing div.
        /// </summary>
        public void DivJavascriptEscapingXSSTest()
        {
            const string input = "<div style=\"\";alert('XSS');//\">";
            const string expected = "<div style=\"\"></div>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例10: DivBackgroundImageWithUnicodedXSSTest

        /// <summary>
        /// Sanitizes a DIV whose STYLE value is written as a run of "\0075"-style sequences.
        /// The expected value shows each sequence as &amp;#xfffd; followed by three characters,
        /// with the rest of the value entity-encoded and a closing div appended.
        /// </summary>
        public void DivBackgroundImageWithUnicodedXSSTest()
        {
            // NOTE(review): this is a regular (non-verbatim) C# literal, so each "\0" is the
            // NUL escape followed by three ordinary characters - the input holds NUL characters,
            // not backslashes. If the intent was to feed CSS backslash escapes to the sanitizer,
            // the literal would need "\\" and the expected value would change; confirm intent.
            const string input = "<DIV STYLE=\"background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029\">";
            const string expected = "<DIV STYLE=\"background&#x2D;image&#x3A;&#xfffd;075&#xfffd;072&#xfffd;06C&#xfffd;028&#x26;&#x23;39&#x3B;&#xfffd;06a&#xfffd;061&#xfffd;076&#xfffd;061&#xfffd;073&#xfffd;063&#xfffd;072&#xfffd;069&#xfffd;070&#xfffd;074&#xfffd;03a&#xfffd;061&#xfffd;06c&#xfffd;065&#xfffd;072&#xfffd;074&#xfffd;028&#x2E;1027&#xfffd;058&#x2E;1053&#xfffd;053&#xfffd;027&#xfffd;029&#x26;&#x23;39&#x3B;&#xfffd;029\"></div>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例11: DivExpressionXSSTest

        /// <summary>
        /// Sanitizes an unclosed DIV whose STYLE uses a CSS expression(...) value.
        /// In the expected value the word "expression" (and the space before it) is absent,
        /// the remaining text is entity-encoded, and a closing Div is appended.
        /// </summary>
        public void DivExpressionXSSTest()
        {
            const string input = "<DIV STYLE=\"width: expression(alert('XSS'));\">";
            const string expected = "<DIV STYLE=\"width&#x3A;&#x28;alert&#x28;&#x26;&#x23;39&#x3B;XSS&#x26;&#x23;39&#x3B;&#x29;&#x29;&#x3B;\"></Div>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例12: AnchorTagMixedEncodingXSSTest

        /// <summary>
        /// Sanitizes an anchor whose href scheme is broken up by a raw line break and a tab,
        /// and whose host is written as 6&amp;#9;6.000146.0x7.147.
        /// The expected value keeps the attribute, encodes the whitespace characters, and
        /// leaves the &amp;#9; reference undecoded (its ampersand appears as an encoded &amp;amp;).
        /// </summary>
        public void AnchorTagMixedEncodingXSSTest()
        {
            // Arrange
            MarkupSanitizer sanitizer = new MarkupSanitizer(_settings);

            // Act
            // Verbatim literal: the line break and the tab on the next line are part of the input.
            // NOTE(review): the expected value has &#x0D;&#x0A; immediately followed by "tt", so
            // the test presumably needs CRLF line endings in this file and no leading whitespace
            // on the continuation line (it is indented as shown here) - confirm against the
            // original file before relying on this test.
            string htmlFragment = @"<A HREF=""h
            tt	p://6&#9;6.000146.0x7.147/"">XSS</A>";
            string actual = sanitizer.SanitizeHtml(htmlFragment);

            // Assert
            string expected = "<A HREF=\"h&#x0D;&#x0A;tt&#x09;p&#x3A;&#x2F;&#x2F;6&#x26;amp&#x3B;&#x23;9&#x3B;6&#x2E;000146&#x2E;0x7&#x2E;147&#x2F;\">XSS</A>";
            // Case-insensitive comparison: casing of tags and hex digits is not pinned.
            Assert.That(actual, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:14,代码来源:MarkupSanitizerTests.cs

示例13: BGSoundXSSTest

        /// <summary>
        /// Sanitizes a BGSOUND element with a javascript: source.
        /// The expected value is the empty string: the element is removed entirely.
        /// </summary>
        public void BGSoundXSSTest()
        {
            const string input = "<BGSOUND SRC=\"javascript:alert('XSS');\">";
            const string expected = "";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例14: AnchorTagJavascriptLinkLocationXSSTest

        /// <summary>
        /// Sanitizes an anchor whose href uses the javascript: scheme.
        /// In the expected value the anchor and its text are kept, the word "javascript"
        /// is absent, and the rest of the value (starting at the colon) is entity-encoded.
        /// </summary>
        public void AnchorTagJavascriptLinkLocationXSSTest()
        {
            const string input = "<A HREF=\"javascript:document.location='http://www.google.com/'\">XSS</A>";
            const string expected = "<A HREF=\"&#x3A;document&#x2E;location&#x3D;&#x26;&#x23;39&#x3B;http&#x3A;&#x2F;&#x2F;www&#x2E;google&#x2E;com&#x2F;&#x26;&#x23;39&#x3B;\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs

示例15: AnchorTagIPVersesHostnameXSSTest

        /// <summary>
        /// Sanitizes an anchor whose href addresses the host by dotted IP instead of a name.
        /// The expected value keeps the link unchanged apart from entity-encoding the
        /// punctuation in the attribute value.
        /// </summary>
        public void AnchorTagIPVersesHostnameXSSTest()
        {
            const string input = "<A HREF=\"http://66.102.7.147/\">XSS</A>";
            const string expected = "<A HREF=\"http&#x3A;&#x2F;&#x2F;66&#x2E;102&#x2E;7&#x2E;147&#x2F;\">XSS</A>";

            var sanitizer = new MarkupSanitizer(_settings);
            string sanitized = sanitizer.SanitizeHtml(input);

            Assert.That(sanitized, Is.EqualTo(expected).IgnoreCase);
        }
开发者ID:NaseUkolyCZ,项目名称:roadkill,代码行数:13,代码来源:MarkupSanitizerTests.cs


注:本文中的Roadkill.Core.Text.Sanitizer.MarkupSanitizer类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。