My use case is actually quite simple.
Let's say I get an input argument like abcdalert(document.cookie); and I want to scrub it off the (document.cookie); part.
What is the most efficient way to do this in ASP.NET C#?
PS: The snippet can be any JS code. Not necessarily alerts.
CodePudding user response:
I recommend the HtmlSanitizer .NET library to apply server-side sanitization: https://github.com/mganss/HtmlSanitizer
This library is used for cleaning HTML fragments and documents from potential XSS attacks. It uses AngleSharp to parse, manipulate, and render HTML and CSS. It is based on a robust HTML parser that can protect your code from deliberate or accidental "tag poisoning", where invalid HTML in one fragment can corrupt the whole document (which can lead to a broken layout or style).
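A minimal use of the library recommended above, as an added example that is not part of the original answer or the project's own code. It assumes the HtmlSanitizer NuGet package with the `Ganss.Xss` namespace; the class name `InputScrubber`, the method `Scrub` and all sample inputs are constructed for illustration.

```csharp
// Added example (not from the original answer). Assumes the HtmlSanitizer
// NuGet package is referenced and exposes the Ganss.Xss namespace.
using System;
using Ganss.Xss;

public static class InputScrubber
{
    // Hypothetical helper: sanitize one untrusted value with the library's
    // default allowlist and report what was stripped.
    public static string Scrub(string untrusted)
    {
        var sanitizer = new HtmlSanitizer();

        // Surface removals so the application can log or alert on input
        // that carried script-bearing markup.
        sanitizer.RemovingTag += (sender, e) =>
            Console.Error.WriteLine($"removed tag <{e.Tag.TagName}> ({e.Reason})");
        sanitizer.RemovingAttribute += (sender, e) =>
            Console.Error.WriteLine($"removed attribute {e.Attribute.Name} ({e.Reason})");

        return sanitizer.Sanitize(untrusted);
    }

    public static void Main()
    {
        // Constructed sample inputs covering the usual script carriers.
        string[] samples =
        {
            // script element
            "abcd<script>alert(document.cookie);</script>",
            // event-handler attribute on an otherwise allowed tag
            "<img src=\"x.png\" onerror=\"alert(document.cookie)\">",
            // javascript: URL in an otherwise allowed attribute
            "<a href=\"javascript:alert(document.cookie)\">link</a>",
            // No markup at all: to an HTML sanitizer this is plain text,
            // so there is no tag or attribute for it to remove.
            "abcd alert(document.cookie);",
        };

        foreach (var input in samples)
        {
            Console.WriteLine($"in : {input}");
            Console.WriteLine($"out: {Scrub(input)}");
        }
    }
}
```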