GetSafeHtmlFragment Method (String)

Microsoft AntiXSS Library

Sanitizes an input HTML fragment for safe display in a browser.

Namespace: Microsoft.Security.Application
Assembly: HtmlSanitizationLibrary (in HtmlSanitizationLibrary.dll) Version: 4.2.0.0

Syntax

C#
public static string GetSafeHtmlFragment(
	string input
)
Visual Basic
Public Shared Function GetSafeHtmlFragment ( _
	input As String _
) As String
Visual C++
public:
static String^ GetSafeHtmlFragment(
	String^ input
)

Parameters

input
Type: System.String
Malicious HTML fragment

Return Value

Safe HTML fragment

Remarks

The method transforms the HTML and filters out executable scripts. A safe list of tags and attributes is used to strip dangerous scripts from the HTML. The HTML is also normalized: tags are properly closed and attributes are properly formatted.
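
The following usage sketch is an added example, not part of the library documentation. It assumes the method is called through the Sanitizer class in Microsoft.Security.Application; the CommentRenderer class, its Forbidden list and the sample input are hypothetical and constructed for illustration.

```csharp
// Added example, not from the AntiXSS documentation.
// Assumes a reference to HtmlSanitizationLibrary.dll and that the method is
// exposed on the Sanitizer class in Microsoft.Security.Application.
using System;
using Microsoft.Security.Application;

public static class CommentRenderer
{
    // Coarse markers that should not survive sanitization. The check is
    // case-insensitive and may also reject benign text that mentions them.
    private static readonly string[] Forbidden =
        { "<script", "onclick", "onerror", "javascript:" };

    // Sanitize untrusted rich text once, at the trust boundary. The result is
    // HTML: write it into an element body as-is and do not HTML-encode it
    // again. It is not safe for attribute values or script blocks.
    public static string ToSafeFragment(string untrustedHtml)
    {
        if (string.IsNullOrEmpty(untrustedHtml))
            return string.Empty;

        string safe = Sanitizer.GetSafeHtmlFragment(untrustedHtml);

        // Defence in depth: fail closed if a library upgrade or a wrong
        // assembly binding ever lets an executable construct through.
        foreach (string marker in Forbidden)
        {
            if (safe.IndexOf(marker, StringComparison.OrdinalIgnoreCase) >= 0)
                throw new InvalidOperationException(
                    "Sanitizer output still contains: " + marker);
        }
        return safe;
    }

    public static void Main()
    {
        // Constructed sample input: an event-handler attribute, an unclosed
        // <b> tag, a script element and a javascript: URL.
        string input =
            "<p onclick=\"alert(1)\">Hello <b>world</p>" +
            "<script>alert(2)</script>" +
            "<a href=\"javascript:alert(3)\">link</a>";

        Console.WriteLine(ToSafeFragment(input));
    }
}
```

Keeping the post-sanitization check in a unit test as well lets a library version change be caught before deployment rather than at request time.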
