Sanitizes input HTML to make it safe to be displayed on a
browser by removing potentially dangerous tags.
Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0
Syntax
C# |
---|
public static class Sanitizer |
Visual Basic |
---|
Public NotInheritable Class Sanitizer |
Visual C++ |
---|
public ref class Sanitizer abstract sealed |
Remarks
This santization library uses the Principle of Inclusions,
sometimes referred to as "safe-listing" to provide protection
against injection attacks. With safe-listing protection,
algorithms look for valid inputs and automatically treat
everything outside that set as a potential attack. This library
can be used as a defense in depth approach with other mitigation
techniques.