C# code for replacing either a specific tag, or removing a series of potentially malicious tags from an HTML string:
using System.Text.RegularExpressions
// Replace BODY tag with "<div id="advert/">" (for later replacement with ad code, for example):
strContent = Regex.Replace(strContent, @"</?(?I:BODY)(.|\N)*?>", "<div id="advert/">");
//Malicious script: replace any and all of script / body /embed / object / frameset / frame / iframe / meta / ling /style with "")
strContent = Regex.Replace(strContent, @"</?(?I:SCRIPT|BODY|EMBED|OBJECT|FRAMESET|FRAME|IFRAME|META|LINK|STYLE)(.|\N)*?>", "");
No comments:
Post a Comment