Microsoft AntiXSS Library |
Sanitizer..::..GetSafeHtmlFragment Method (TextReader, Stream) |
Sanitizer Class See Also |
Sanitizes input HTML fragment for safe display on browser.
Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0
Syntax
C# |
---|
public static void GetSafeHtmlFragment( TextReader sourceReader, Stream destinationStream ) |
Visual Basic |
---|
Public Shared Sub GetSafeHtmlFragment ( _ sourceReader As TextReader, _ destinationStream As Stream _ ) |
Visual C++ |
---|
public: static void GetSafeHtmlFragment( TextReader^ sourceReader, Stream^ destinationStream ) |
Parameters
- sourceReader
- Type: System.IO..::..TextReader
Source text reader with malicious HTML
- destinationStream
- Type: System.IO..::..Stream
Stream to write safe HTML
Remarks
The method transforms and filters HTML of executable scripts.
A safe list of tags and attributes are used to strip dangerous
scripts from the HTML. HTML is also normalized where tags are
properly closed and attributes are properly formatted.