I am using the package AspnetCore.HtmlSanitizer. Here
I am trying to register the service with the default options and only remove certain tags and attributes. For example, I am OK with all the default attributes except "href" how do I remove it globally through startup.cs?
public void ConfigureServices(IServiceCollection services)
{
services.Configure<HtmlSanitizerOptions>(options =>
{
options.AllowedTags.Remove("a");
options.AllowedAttributes.Remove("href");
});
// Services
services.AddSingleton<IHtmlSanitizer, HtmlSanitizer>();
This is not removing the "a" and "href" from the list of attributes and tags.
I simply want to configure it in startup.cs and use the same options globally across my application.
Can someone please help
CodePudding user response:
Construct the options object in DI and send it with the HtmlSanitizer object.
services.AddSingleton<IHtmlSantitizer, HtmlSanitizer>(sp =>
{
var opts = new HtmlSanitizerOptions();
opts.AllowedTags.Remove("a");
opts.AllowedAttributes.Remove("href");
return new HtmlSanitizer(opts);
});
CodePudding user response:
I was answered here
Basically this code would work fine:
services.AddSingleton<Ganss.XSS.IHtmlSanitizer, Ganss.XSS.HtmlSanitizer>(m =>
{
var options = new Ganss.XSS.HtmlSanitizerOptions
{
AllowedTags = Ganss.XSS.HtmlSanitizer.DefaultAllowedTags,
AllowedAttributes = Gans.XSS.HtmlSanitizer.DefaultAllowedAttributes
};
options.AllowedTags.Remove("a");
options.AllowedAttributes.Remove("href");
var sanitizer = new Ganss.XSS.HtmlSanitizer(options);
return sanitizer;
});