GetSafeHtml Method (TextReader, TextWriter)

Microsoft AntiXSS Library

Sanitizes an input HTML document for safe display in a browser.

Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0

Syntax

C#
public static void GetSafeHtml(
	TextReader sourceReader,
	TextWriter destinationWriter
)
Visual Basic
Public Shared Sub GetSafeHtml ( _
	sourceReader As TextReader, _
	destinationWriter As TextWriter _
)
Visual C++
public:
static void GetSafeHtml(
	TextReader^ sourceReader, 
	TextWriter^ destinationWriter
)

Parameters

sourceReader
Type: System.IO.TextReader
Text reader that supplies the source HTML, which may be malicious
destinationWriter
Type: System.IO.TextWriter
Text writer that receives the safe HTML

Remarks

The method transforms the HTML and filters out executable scripts. A safe list of tags and attributes is used to strip dangerous scripts from the HTML. The HTML is also normalized so that tags are properly closed and attributes are properly formatted.
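An example of calling this overload on untrusted markup, added here and not taken from the library's documentation. It assumes the method is invoked on the library's `Sanitizer` class, whose name does not appear on this page; `SanitizeUntrustedHtml`, `MaxInputChars` and the sample markup are hypothetical names and constructed data.

```csharp
using System;
using System.IO;
using Microsoft.Security.Application; // HtmlSanitizationLibrary.dll

public static class SafeHtmlExample
{
    // Hypothetical cap (an assumption of this example, not a library setting):
    // bound the input before handing it to the sanitizer.
    private const int MaxInputChars = 64 * 1024;

    public static string SanitizeUntrustedHtml(TextReader untrusted)
    {
        // Read one character past the cap so oversized input is detected.
        char[] buffer = new char[MaxInputChars + 1];
        int read = untrusted.ReadBlock(buffer, 0, buffer.Length);
        if (read > MaxInputChars)
            throw new InvalidDataException("HTML input exceeds the allowed size.");

        using (var source = new StringReader(new string(buffer, 0, read)))
        using (var destination = new StringWriter())
        {
            // sourceReader: untrusted HTML; destinationWriter: receives safe HTML.
            Sanitizer.GetSafeHtml(source, destination);
            return destination.ToString();
        }
    }

    public static void Main()
    {
        // Constructed sample: an event-handler attribute, a script block
        // and an unclosed <b> tag.
        string sample =
            "<html><body><p onclick=\"alert(1)\">Hello</p>" +
            "<script>alert(2)</script><b>unclosed</body></html>";

        using (var reader = new StringReader(sample))
        {
            string safe = SanitizeUntrustedHtml(reader);

            // Defense-in-depth check on the result before it is rendered.
            if (safe.IndexOf("<script", StringComparison.OrdinalIgnoreCase) >= 0)
                throw new InvalidOperationException("Sanitized output still has a script tag.");

            Console.WriteLine(safe);
        }
    }
}
```

Write the returned string to the page as-is; HTML-encoding it again would display the markup as text rather than render it.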
