I need to sanitize my input html string against any javascript traces (including events) to prevent the xss injection. Is there any .NET library or decent regex exist to solve this issue quickly? I just need to detect if javascript present in the html and throw an exception.
Asked
Active
Viewed 628 times
1
-
Maybe this could help you: https://stackoverflow.com/questions/9567715/how-to-detect-javascript-execution-in-webbrowser-control – MetaColon Jan 05 '18 at 23:34
-
Asking for regex to parse HTML is really bad idea (you've likely read through https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags/ carefully already, but may be good idea to re-read). Asking for libraries is off-topic... But since this question was asked many times in many variations I think duplicate is as good as closing as "search for tools" - for future question make sure to read through https://stackoverflow.com/help/on-topic. – Alexei Levenkov Jan 06 '18 at 01:58