HtmlSanitizer and Base64 strings

Jan 11, 2011 at 9:53 PM

I have a scenario where base64-encoded strings are passed to the HtmlSanitizer (encrypted data is submitted as well as form values).

How do I customize the HtmlSanitizer to allow/permit certain characters in those base64 strings?



Jan 12, 2011 at 3:24 AM

I'm afraid the HtmlSanitizer isn't customisable.

Jan 12, 2011 at 6:20 PM

Suggest supporting '+' and '/' characters in the case of Base64/MIME encoded strings.

I realize both characters could be exploited, so I'll leave it to you guys to decide.

In my case, I'll just reverse the encoding for these 2 characters.