GetSafeHtmlFragment Method (TextReader, Stream)

Microsoft AntiXSS Library

Sanitizes an input HTML fragment for safe display in a browser.

Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0

Syntax

C#
public static void GetSafeHtmlFragment(
	TextReader sourceReader,
	Stream destinationStream
)
Visual Basic
Public Shared Sub GetSafeHtmlFragment ( _
	sourceReader As TextReader, _
	destinationStream As Stream _
)
Visual C++
public:
static void GetSafeHtmlFragment(
	TextReader^ sourceReader, 
	Stream^ destinationStream
)

Parameters

sourceReader
Type: System.IO.TextReader
Source text reader with malicious HTML
destinationStream
Type: System.IO.Stream
Stream to write safe HTML

Remarks

The method transforms the HTML and filters out executable scripts. A safe list of tags and attributes is used to strip dangerous scripts from the HTML. The HTML is also normalized so that tags are properly closed and attributes are properly formatted.
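
The following C# sketch is an added example, not part of the original AntiXSS documentation. It passes a constructed untrusted fragment through this overload and reads the sanitized bytes back for rendering. Assumptions: the method is called on the library's `Sanitizer` class (the class name is not shown on this page), the output bytes decode as UTF-8, and `SanitizeDemo` and `SanitizeToString` are hypothetical names.

```csharp
using System;
using System.IO;
using System.Text;
using Microsoft.Security.Application; // reference HtmlSanitizationLibrary.dll

static class SanitizeDemo
{
    // Constructed sample input: harmless markup mixed with common script vectors.
    const string Untrusted =
        "<p onclick=\"alert(1)\">Hello <b>world</b></p>" +
        "<script>alert(2)</script>" +
        "<a href=\"javascript:alert(3)\">link</a>" +
        "<p>unclosed paragraph";

    // Hypothetical helper: runs untrusted HTML through the (TextReader, Stream) overload.
    static string SanitizeToString(string html)
    {
        using (var source = new StringReader(html))
        using (var destination = new MemoryStream())
        {
            Sanitizer.GetSafeHtmlFragment(source, destination);

            // ToArray() is used instead of rewinding the stream so the result can be
            // read whether or not the library left the destination stream open.
            byte[] bytes = destination.ToArray();

            // Assumption: output is UTF-8; 'true' lets StreamReader honour a BOM if present.
            using (var reader = new StreamReader(new MemoryStream(bytes), Encoding.UTF8, true))
            {
                return reader.ReadToEnd();
            }
        }
    }

    static void Main()
    {
        string safe = SanitizeToString(Untrusted);
        Console.WriteLine(safe);

        // Regression-style check on the result; it complements the sanitizer's
        // safe list and does not replace it.
        foreach (string marker in new[] { "<script", "onclick", "javascript:" })
        {
            if (safe.IndexOf(marker, StringComparison.OrdinalIgnoreCase) >= 0)
                throw new InvalidOperationException("Unexpected marker in output: " + marker);
        }
    }
}
```

Sanitize at the point where the HTML is about to be rendered, and keep checks like the one in `Main` in a test suite so a library upgrade that changes the safe list is noticed.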

See Also