RockFluid.MarkupSanity 1.4.0

.NET Framework This package is compatible with all versions of .NET Framework. 
dotnet add package RockFluid.MarkupSanity --version 1.4.0                

                    
                

            
NuGet\Install-Package RockFluid.MarkupSanity -Version 1.4.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="RockFluid.MarkupSanity" Version="1.4.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
paket add RockFluid.MarkupSanity --version 1.4.0                

                    
                

            
#r "nuget: RockFluid.MarkupSanity, 1.4.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
// Install RockFluid.MarkupSanity as a Cake Addin
#addin nuget:?package=RockFluid.MarkupSanity&version=1.4.0

// Install RockFluid.MarkupSanity as a Cake Tool
#tool nuget:?package=RockFluid.MarkupSanity&version=1.4.0

Uses HtmlAgilityPack parser to protect against cross-site scripting by sanitizing html text against unrecognized tags and attributes.

HTML is matched against defined whitelisted tags and attributes to ensure only known safe markups are allowed.

Basic usage:
String inputValue = "<a onclick="javascript:alert('Gotcha!');" href="javascript:alert('Gotcha again!');">Click Me</a>";
String cleanValue = inputValue.SanitizeHtml();
Console.Writeline(cleanValue);

More information is available in the project site's wiki.

What's New?
1.4.0
- Added RemoveComments configuration property. This allows the retention of comments after cleaning.
- Refactored Sanitize() function for code maintainability.
- Added new SanitizeConfigurations class to allow cleaning with a different set of configurations from the global settings.
- Added new TrySanitizeHtml() function to check whether the input was dirty and subsequently cleaned.

1.3.1
- Added RemoveMarkupTagsOnly configuration property. This provides the option to remove the invalid markup tag only, retaining the contents.
- Fixed a bug where spaces in the value of Type attributes circumvents the script type checking.

1.2.0
- Added CustomBlacklistedTags configuration property. This removes tags from internal and custom whitelists, for cases when internal list is acceptable except for a few tags configured in it.

1.1.0
- Added Supplemental Tags and Attributes to add extra elements to the internal defaults, instead of having to add all defaults again to the customs lists just to add a few special ones.
- Other internal improvements.

1.0.1
- Added a comprehensive list of default whitelisted tags and attributes.

Product Compatible and additional computed target framework versions.
.NET Framework net is compatible. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.4.0 2,569 1/6/2019
1.3.1 840 10/23/2018
1.2.0 730 10/22/2018
1.1.0 1,008 2/10/2018
1.0.1 979 1/23/2018
1.0.0 966 1/7/2018

Miscellaneous internal refactorings.