Microsoft AntiXSS Library |
Sanitizer..::..GetSafeHtmlFragment Method (TextReader, TextWriter) |
Sanitizer Class See Also |
Sanitizes input HTML fragment for safe display on browser.
Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0
Syntax
C# |
---|
public static void GetSafeHtmlFragment( TextReader sourceReader, TextWriter destinationWriter ) |
Visual Basic |
---|
Public Shared Sub GetSafeHtmlFragment ( _ sourceReader As TextReader, _ destinationWriter As TextWriter _ ) |
Visual C++ |
---|
public: static void GetSafeHtmlFragment( TextReader^ sourceReader, TextWriter^ destinationWriter ) |
Parameters
- sourceReader
- Type: System.IO..::..TextReader
Source text reader with malicious HTML
- destinationWriter
- Type: System.IO..::..TextWriter
Stream to write safe HTML
Remarks
The method transforms and filters HTML of executable scripts.
A safe list of tags and attributes are used to strip dangerous
scripts from the HTML. HTML is also normalized where tags are
properly closed and attributes are properly formatted.