I am using the package AspnetCore.HtmlSanitizer. Here

I am trying to register the service with the default options and only remove certain tags and attributes. For example, I am OK with all the default attributes except "href" how do I remove it globally through startup.cs?

 public void ConfigureServices(IServiceCollection services)
    {
       services.Configure<HtmlSanitizerOptions>(options =>
        {
            options.AllowedTags.Remove("a");
            options.AllowedAttributes.Remove("href");
        });


        // Services
        services.AddSingleton<IHtmlSanitizer, HtmlSanitizer>(); 

This is not removing the "a" and "href" from the list of attributes and tags.

I simply want to configure it in startup.cs and use the same options globally across my application.

Can someone please help

CodePudding user response：

Construct the options object in DI and send it with the HtmlSanitizer object.

services.AddSingleton<IHtmlSantitizer, HtmlSanitizer>(sp =>
{
    var opts = new HtmlSanitizerOptions();

    opts.AllowedTags.Remove("a");
    opts.AllowedAttributes.Remove("href");

    return new HtmlSanitizer(opts);
});

CodePudding user response：

I was answered here

Basically this code would work fine:

services.AddSingleton<Ganss.XSS.IHtmlSanitizer, Ganss.XSS.HtmlSanitizer>(m =>
{
    var options = new Ganss.XSS.HtmlSanitizerOptions
    {
        AllowedTags = Ganss.XSS.HtmlSanitizer.DefaultAllowedTags,
        AllowedAttributes = Gans.XSS.HtmlSanitizer.DefaultAllowedAttributes
    };

    options.AllowedTags.Remove("a");
    options.AllowedAttributes.Remove("href");

    var sanitizer = new Ganss.XSS.HtmlSanitizer(options);
    return sanitizer;
});