Alexander
2023-11-25 17:11:04 +03:00
parent 77c602cd9c
commit 73e6e4d3b1
13 changed files with 328 additions and 23 deletions


@@ -0,0 +1,122 @@
using anbs_cp.ForNet.Enums;
using Ganss.Xss;
namespace anbs_cp.ForNet.Classes;
/// <summary>
/// Очистка текста от лишних HTML-тегов
/// </summary>
public static class Sanitizer
{
/// <summary>
/// Очистка текста по уровню очистки
/// </summary>
/// <param name="html">Текст</param>
/// <param name="level">Уровень очистка</param>
/// <returns>Очищенный текст</returns>
public static string SanitizeHtml (string html, ESanitizerLevel level)
{
HtmlSanitizer sanitizer = new()
{
KeepChildNodes = true
};
switch (level)
{
case ESanitizerLevel.NoTags:
PrepareForNone(ref sanitizer);
break;
case ESanitizerLevel.TextFormatOnly:
PrepareForTextFormatOnly(ref sanitizer);
break;
case ESanitizerLevel.ImageAndLinks:
PrepareForImageAndLinks(ref sanitizer);
break;
case ESanitizerLevel.AllExceptIFrame:
PrepareForAllExceptIFrame(ref sanitizer);
break;
default:
PrepareForNone(ref sanitizer);
break;
}
return level != ESanitizerLevel.All ? sanitizer.Sanitize(html) : html;
}
/// <summary>
/// Очистка всех тегов
/// </summary>
/// <param name="sanitizer"><see cref="HtmlSanitizer"/></param>
private static void PrepareForNone (ref HtmlSanitizer sanitizer)
{
sanitizer.AllowedTags.Clear();
sanitizer.AllowedSchemes.Clear();
sanitizer.AllowedCssProperties.Clear();
sanitizer.AllowedClasses.Clear();
sanitizer.AllowedAttributes.Clear();
sanitizer.AllowedAtRules.Clear();
sanitizer.AllowDataAttributes = false;
}
/// <summary>
/// Остаются только текстовые теги
/// </summary>
/// <param name="sanitizer"><see cref="HtmlSanitizer"/></param>
private static void PrepareForTextFormatOnly (ref HtmlSanitizer sanitizer)
{
string[] allowedTags =
{
"strong", "b", "em", "i", "u", "hr", "strike", "div", "ol", "ul", "li", "p", "span", "h1", "h2", "h3", "h4"
};
string[] allowedAttributes =
{
"align", "bgcolor", "border", "cellpadding", "cellspacing", "charset", "checked", "class", "clear", "color", "cols", "colspan",
"datetime", "disabled", "headers", "height", "high", "hspace", "label", "lang", "list", "low", "max", "maxlength", "min", "name",
"nowrap", "placeholder", "required", "rev", "rows", "rowspan", "rules", "selected", "size", "span", "spellcheck", "style", "summary",
"tabindex", "title", "type", "valign", "value", "vspace", "width", "wrap"
};
sanitizer.AllowedTags.Clear();
sanitizer.AllowedTags.UnionWith(allowedTags);
sanitizer.AllowedAtRules.Clear();
sanitizer.AllowDataAttributes = false;
sanitizer.AllowedAttributes.Clear();
sanitizer.AllowedAttributes.UnionWith(allowedAttributes);
}
/// <summary>
/// Остаются текстовые теги + изображения и ссылки
/// </summary>
/// <param name="sanitizer"><see cref="HtmlSanitizer"/></param>
private static void PrepareForImageAndLinks (ref HtmlSanitizer sanitizer)
{
PrepareForTextFormatOnly(ref sanitizer);
string[] allowedTags =
{
"a", "img"
};
string[] allowedAttributes =
{
"alt", "href", "hreflang", "nohref", "rel", "src", "target"
};
sanitizer.AllowedTags.UnionWith(allowedTags);
sanitizer.AllowedAttributes.UnionWith(allowedAttributes);
}
/// <summary>
/// Остаются все теги, за исключением IFRAME
/// </summary>
/// <param name="sanitizer"><see cref="HtmlSanitizer"/></param>
private static void PrepareForAllExceptIFrame (ref HtmlSanitizer sanitizer)
{
sanitizer.AllowedTags.Remove("iframe");
}
}
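Review bot: `SanitizeHtml` returns `html` unchanged when `level` is `ESanitizerLevel.All`, and the XML doc does not say so, so a caller that passes user-supplied markup with that level gets no XSS filtering from a class named `Sanitizer`. I would make the bypass explicit with an early `if (level == ESanitizerLevel.All) return html;` before the sanitizer is constructed (today that level falls into `default`, runs `PrepareForNone` and then discards the result), and state in `<returns>` that `All` is for trusted markup only. Separately, `PrepareForAllExceptIFrame` only removes `iframe` from the library's default allowlist, so the outcome is HtmlSanitizer's default tag set rather than "all tags"; that is the safer behaviour, but the summary should say so, and as far as I know `iframe` is not in the default set, which would make the `Remove` call a no-op. `PrepareForTextFormatOnly` also allows form-oriented attributes (`name`, `value`, `type`, `checked`, `placeholder`) that none of its allowed tags use, and `PrepareForImageAndLinks` inherits them for `img` and `a`; trimming the list to what those tags need would narrow the allowlist.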