How to make a C # / BlackList whitelist
3 answers
Simple whitelist:
string input = "<span><b>99</b> < <i>100</i></span> <!-- 99 < 100 -->";
// escape & < and >
input = input.Replace("&", "&").Replace(">", ">").Replace("<", "<");
// unescape whitelisted tags
string output = input.Replace("<b>", "<b>").Replace("</b>", "</b>")
.Replace("<i>", "<i>").Replace("</i>", "</i>");
Output:
<span><b>99</b> < <i>100</i></span> <!-- 99 < 100 -->
Displayed output:
<span> 99 <<i> 100 </ span> gt; <-99 <100 โ
0
source to share
Assuming the tags are entered as a single line, like here on StackOverflow, you need to split the line into separate tags first:
string[] tags = "c# html lolcat ".Split(
new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);
Whitelisting / blacklisting can be represented by HashSet<T>
storing tags:
HashSet<string> blacklist = new HashSet<string>(
StringComparer.CurrentCultureIgnoreCase) { "lolcat", "lolrus" };
Then you will need to check if the list contains one of tags
:
bool invalid = tags.Any(blacklist.Contains);
0
source to share
You can try the Html Agility Pack . I haven't tried skipping the tags, but he could certainly find the tags.
0
source to share