GetSafeHtml Method (TextReader, Stream)

Microsoft AntiXSS Library

Collapse imageExpand ImageCopy imageCopyHover image
Sanitizes input HTML document for safe display on browser.

Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0

Syntax

C#
public static void GetSafeHtml(
	TextReader sourceReader,
	Stream destinationStream
)
Visual Basic
Public Shared Sub GetSafeHtml ( _
	sourceReader As TextReader, _
	destinationStream As Stream _
)
Visual C++
public:
static void GetSafeHtml(
	TextReader^ sourceReader, 
	Stream^ destinationStream
)

Parameters

sourceReader
Type: System.IO..::..TextReader
Source text reader with malicious HTML
destinationStream
Type: System.IO..::..Stream
Stream to write safe HTML

Remarks

The method transforms and filters HTML of executable scripts. A safe list of tags and attributes are used to strip dangerous scripts from the HTML. HTML is also normalized where tags are properly closed and attributes are properly formatted.

See Also