How to make a blacklist / whitelist in C#

I want to validate the HTML tags that the user is using in a rich HTML editor that I have. I'm not sure how to do this in C#.

Should I use Regex and what HTML tags should I blacklist / whitelist?

+2




3 answers


Simple whitelist:

string input = "<span><b>99</b> < <i>100</i></span> <!-- 99 < 100 -->";

// escape & < and >
input = input.Replace("&", "&amp;").Replace(">", "&gt;").Replace("<", "&lt;");

// unescape whitelisted tags
string output = input.Replace("&lt;b&gt;", "<b>").Replace("&lt;/b&gt;", "</b>")
                     .Replace("&lt;i&gt;", "<i>").Replace("&lt;/i&gt;", "</i>");

      

Output:



&lt;span&gt;<b>99</b> &lt; <i>100</i>&lt;/span&gt; &lt;!-- 99 &lt; 100 --&gt;

Displayed output:

<span>99 < 100</span> <!-- 99 < 100 -->

0
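The escape-then-restore approach from the answer above, generalized to a set of allowed tag names (an added example, not part of the original answer). The allowed list and the class and method names are assumptions; only attribute-free tags are restored, so a tag carrying attributes stays escaped as text.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text.RegularExpressions;

static class TagWhitelist
{
    // Assumption: the tags this editor permits; adjust to your own policy.
    static readonly HashSet<string> Allowed =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        { "b", "i", "em", "strong", "p" };

    // Matches only an escaped bare tag: &lt;name&gt; or &lt;/name&gt;.
    // Whitespace and attributes are not accepted, so <b onclick=...> never matches.
    static readonly Regex EscapedBareTag =
        new Regex(@"&lt;(/?)([A-Za-z][A-Za-z0-9]*)&gt;", RegexOptions.Compiled);

    public static string Sanitize(string html)
    {
        // Step 1: encode everything, so no user markup survives by default.
        string encoded = WebUtility.HtmlEncode(html ?? string.Empty);

        // Step 2: restore a tag only when its name is on the whitelist.
        return EscapedBareTag.Replace(encoded, m =>
            Allowed.Contains(m.Groups[2].Value)
                ? "<" + m.Groups[1].Value + m.Groups[2].Value.ToLowerInvariant() + ">"
                : m.Value);
    }

    static void Main()
    {
        // Constructed sample inputs.
        string[] samples =
        {
            "<span><b>99</b> < <i>100</i></span> <!-- 99 < 100 -->",
            "<B>upper-case tag</B>",
            "<b onclick=\"x()\">tag with an attribute</b>",
            "<script>alert(1)</script>",
            "&lt;b&gt; typed by the user as text",
        };

        foreach (string s in samples)
            Console.WriteLine(Sanitize(s));
    }
}
```

Tags are restored one at a time, so an unclosed `<b>` passes through unbalanced; balancing or closing tags is outside what this sketch does.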




Assuming the tags are entered as a single line, like here on StackOverflow, you need to split the line into separate tags first:

string[] tags = "c# html  lolcat  ".Split(
    new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);

      

A whitelist / blacklist can be represented by a HashSet<T> storing the tags:



HashSet<string> blacklist = new HashSet<string>(
    StringComparer.CurrentCultureIgnoreCase) { "lolcat", "lolrus" };

      

Then you will need to check whether the list contains any of the tags:

bool invalid = tags.Any(blacklist.Contains); // requires "using System.Linq;"

      

0




You can try the Html Agility Pack. I haven't tried skipping the tags, but it could certainly find the tags.

0

