I am using C# Webbrowser Control in my application and it is executing the javascript alerts. My application is basically polling emails from a database and one of my test scenario is to have an alert in the message body of the email. The email message body will only have alert(1); and when I am trying to display this text in the Webbrowser control, the control is executing this piece of javascript and is displaying the alert. Is there any way to not to allow webbrowser control to display these alerts?
Asked
Active
Viewed 331 times
0
-
.Net Framework that I am using is 4.0 – Sumeet Chakraborty Jul 07 '15 at 17:57
-
possible duplicate of [Disable javascript in WinForms WebBrowser control?](http://stackoverflow.com/questions/10623697/disable-javascript-in-winforms-webbrowser-control) – user247702 Jul 07 '15 at 18:04
1 Answers
0
May be you can remove the javascript code before loading the HTML in the WebBrowser. Don't use a simple Replace or Regex, use something like Html Agility Pack. There is an example of sanitation here.
Maxence
- 12,868
- 5
- 57
- 69
-
Is it not possible for me to tell the webbrowser control to detect it as a normal text and not to process it as an HTML document? – Sumeet Chakraborty Jul 14 '15 at 12:02
-
-
Thanks for your comments. But, one thing I do not understand is that, the email message body has the alert in this format (<script>alert(1);</script>) when I am fetching it from the database and passing it to the webbrowser control. Shouldn't the web browser control suppress the execution of this script encountering these escape characters (< and >) – – Sumeet Chakraborty Jul 28 '15 at 12:50
-
I was able to resolve this issue by overriding the functions IInternetSecurityManager class. basically, I created my own custom security manager where in I prevented execution of the javascripts. Thank you so much for your help. – Sumeet Chakraborty Jul 30 '15 at 07:14