1
我試圖使用HtmlAgilityPack實現白名單HTML Sanitizer。我想創建一個可重用的Html Helper,允許我使用它。我有其他自定義的Html幫助程序,我正在使用該工作,但由於某種原因,這一個不起作用。每次我嘗試從視圖中調用它時,都無法找到Sanitize方法。我想打這個電話是在一個局部視圖,看起來像這樣:自定義Html Helper在視圖中無法使用(Razor/Asp.Net MVC3)
@Html.Raw(Html.Sanitize(Model.Body))
我的HTML幫助器類:
using System;
using System.Text;
using System.Web.Mvc;
using System.Collections.Generic;
using System.Linq;
using HtmlAgilityPack;
namespace ProjectX.WebUI.HtmlHelpers
{
public static class HtmlSanitizeHelpers
{
private static readonly IDictionary<string, string[]> Whitelist;
private static List<string> DeletableNodesXpath = new List<string>();
static HtmlSanitizeHelpers()
{
Whitelist = new Dictionary<string, string[]> {
{ "a", new[] { "href" } },
{ "strong", null },
{ "em", null },
{ "blockquote", null },
{ "b", null},
{ "p", null},
{ "ul", null},
{ "ol", null},
{ "li", null},
{ "div", new[] { "align" } },
{ "strike", null},
{ "u", null},
{ "sub", null},
{ "sup", null},
{ "table", null },
{ "tr", null },
{ "td", null },
{ "th", null }
};
}
public static MvcHtmlString Sanitize(string input)
{
if (input.Trim().Length < 1)
return MvcHtmlString.Empty;
var htmlDocument = new HtmlDocument();
htmlDocument.LoadHtml(input);
SanitizeNode(htmlDocument.DocumentNode);
string xPath = HtmlSanitizeHelpers.CreateXPath();
return MvcHtmlString.Create(StripHtml(htmlDocument.DocumentNode.WriteTo().Trim(), xPath));
}
private static void SanitizeChildren(HtmlNode parentNode)
{
for (int i = parentNode.ChildNodes.Count - 1; i >= 0; i--)
{
SanitizeNode(parentNode.ChildNodes[i]);
}
}
private static void SanitizeNode(HtmlNode node)
{
if (node.NodeType == HtmlNodeType.Element)
{
if (!Whitelist.ContainsKey(node.Name))
{
if (!DeletableNodesXpath.Contains(node.Name))
{
//DeletableNodesXpath.Add(node.Name.Replace("?",""));
node.Name = "removeableNode";
DeletableNodesXpath.Add(node.Name);
}
if (node.HasChildNodes)
{
SanitizeChildren(node);
}
return;
}
if (node.HasAttributes)
{
for (int i = node.Attributes.Count - 1; i >= 0; i--)
{
HtmlAttribute currentAttribute = node.Attributes[i];
string[] allowedAttributes = Whitelist[node.Name];
if (allowedAttributes != null)
{
if (!allowedAttributes.Contains(currentAttribute.Name))
{
node.Attributes.Remove(currentAttribute);
}
}
else
{
node.Attributes.Remove(currentAttribute);
}
}
}
}
if (node.HasChildNodes)
{
SanitizeChildren(node);
}
}
private static string StripHtml(string html, string xPath)
{
HtmlDocument htmlDoc = new HtmlDocument();
htmlDoc.LoadHtml(html);
if (xPath.Length > 0)
{
HtmlNodeCollection invalidNodes = htmlDoc.DocumentNode.SelectNodes(@xPath);
foreach (HtmlNode node in invalidNodes)
{
node.ParentNode.RemoveChild(node, true);
}
}
return htmlDoc.DocumentNode.WriteContentTo(); ;
}
private static string CreateXPath()
{
string _xPath = string.Empty;
for (int i = 0; i < DeletableNodesXpath.Count; i++)
{
if (i != DeletableNodesXpath.Count - 1)
{
_xPath += string.Format("//{0}|", DeletableNodesXpath[i].ToString());
}
else _xPath += string.Format("//{0}", DeletableNodesXpath[i].ToString());
}
return _xPath;
}
}
}
學分大多數代碼去在this posting答案。
事情我已經檢查:
- 命名空間已在Web.config文件中已經正確定義。 (我也知道這是因爲命名空間中的其他人已經工作)
- 已經完成了項目的清理構建。
- 重新啓動的Visual Studio 2010中
爲什麼我似乎無法調用從類方法的思考?
這是確實的回答這個職位。謝謝。這完全滑落了我的想法。 –