See the version list below for details.
Install-Package SgmlSanitizer -Version 1.0.0
dotnet add package SgmlSanitizer --version 1.0.0
<PackageReference Include="SgmlSanitizer" Version="1.0.0" />
paket add SgmlSanitizer --version 1.0.0
#r "nuget: SgmlSanitizer, 1.0.0"
// Install SgmlSanitizer as a Cake Addin #addin nuget:?package=SgmlSanitizer&version=1.0.0 // Install SgmlSanitizer as a Cake Tool #tool nuget:?package=SgmlSanitizer&version=1.0.0
A sanitizer to remove elements and attributes from SGML based text files, such as HTML and XML. Note that this is a very simple implementation, but by using whitelists and a naïve URL detection implementation XSS may be prevented. Use at your own risk though.
To sanitize some simple HTML to remove all attributes and only keep the original HTML tag (this is inserted if not provided) and A tags:
string html = "<html><a href=\"https://url\">Keep me</a><p><a>Don't keep me</a></p></html>"; ListSanitiationHandler list = new ListSanitationHandler(); list.Elements.Add("html"); list.Elements.Add("a"); Sanitizer sanitizer = new Sanitizer(); sanitizer.Handlers.Add(list); string cleanHtml = sanitizer.Sanitize(html); Console.WriteLine(cleanHtml);
<html><a href="https://url">Keep me</a></html>
The list sanitation handler can be used to whitelist or blacklist elements, attributes and element specific attributes. The
UrlAttributeHandler will remove attributes which contain '.' or '/', as the definition of an url is very broad.
- Microsoft.Xml.SgmlReader (>= 1.8.21)
This package is not used by any NuGet packages.
This package is not used by any popular GitHub repositories.