| |
| Microsoft AntiXSS Library |
| Sanitizer..::..GetSafeHtmlFragment Method (TextReader, Stream) |
| Sanitizer Class See Also |
Sanitizes input HTML fragment for safe display on browser.
Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0
Syntax
| C# |
|---|
public static void GetSafeHtmlFragment( TextReader sourceReader, Stream destinationStream ) |
| Visual Basic |
|---|
Public Shared Sub GetSafeHtmlFragment ( _ sourceReader As TextReader, _ destinationStream As Stream _ ) |
| Visual C++ |
|---|
public: static void GetSafeHtmlFragment( TextReader^ sourceReader, Stream^ destinationStream ) |
Parameters
- sourceReader
- Type: System.IO..::..TextReader
Source text reader with malicious HTML
- destinationStream
- Type: System.IO..::..Stream
Stream to write safe HTML
Remarks
The method transforms and filters HTML of executable scripts.
A safe list of tags and attributes are used to strip dangerous
scripts from the HTML. HTML is also normalized where tags are
properly closed and attributes are properly formatted.
