Sanitizer.GetSafeHtmlFragment() doesn't work correctly with 1084 Unicode symbol

Sanitizer.GetSafeHtmlFragment('м') returns "&# 1084;" Seems that problem is in this class Microsoft.Exchange.Data.TextConverters.HtmlWriter bool IFallback.IsUnsafeUnicode(char ch, bool isFirstCh...

Id #21693 | Release: None | Updated: Wed at 2:16 PM by bdorrans | Created: Wed at 9:43 AM by RoGrib

where does this install to?

Hi. The installer and the instructions amazingly do not tell me where this will install. Is this so secure, that we are not able to find it? If I have to goto the GAC to get this, then that is an a...

Id #21668 | Release: None | Updated: Jan 16 at 9:11 PM by KentucyTacoHut | Created: Jan 16 at 9:11 PM by KentucyTacoHut

Not able to find SRE or antixss module

I wanted to use the Security RunTime Engine or the antixss module. Not able to find the dll or the code. Can some one please help me in locating it or any similar httpmodule which can be used for a...

Id #21559 | Release: None | Updated: Jan 16 at 9:05 PM by KentucyTacoHut | Created: Nov 14, 2014 at 11:07 AM by ajantanag

SAP BPC cannot load "Could not load file or assembly 'AntiXssLibrary' or one of its dependencies. This assembly is built by a runtime newer than the currently loaded runtime and cannot be loaded"

We are running SAP Business planning and consolidation (BPC) software version 7.5 MS. I recently did a service pack update and one of the requirement was to install AntiXSSLibrary. I downloaded...

Id #20017 | Release: None | Updated: Jun 3, 2014 at 1:43 AM by bdorrans | Created: Jul 30, 2013 at 11:51 PM by yokeshkumar

Paste into HtmlEditorExtender adds <o:p>

Hi, I have a static html page that was originally created using Microsoft Word 2010. I want to copy the contents of this page into a website I'm building that using the HtmlEditorExtender. Howev...

Id #19949 | Release: None | Updated: Jul 9, 2013 at 7:38 AM by kepboy | Created: Jul 9, 2013 at 7:38 AM by kepboy

AntiXSS Sanitizer removes html <br> and <br/> tags from AjaxControlToolkit HtmlEditorExtender generated html.

I have added a Htmleditorextender ajax control to my asp.net web application with putting XSS sanitizer in it for XSS security but now when I retrieve the text from Htmleditorextender the sanitizer...

Id #18339 | Release: None | Updated: Jun 3, 2014 at 1:40 AM by bdorrans | Created: Jul 10, 2012 at 3:28 AM by saurav_kumar

GetSafeHtmlFragment adds newline at first space after 256 characters

The result from   Sanitizer.GetSafeHtmlFragment("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed nunc tellus, consectetur eget blandit euismod, pharetra a libero. In pretium, sem sed m...

Id #17733 | Release: None | Updated: Feb 22, 2013 at 1:07 AM by Budsy | Created: Mar 30, 2012 at 1:18 PM by mronnlun

Source Code is Missing

There is no matching source code for what is being released at Microsoft's download site. I can't find source for the current 4.2.1 version   If this is done intentionally, to hide details behind...

Id #17464 | Release: None | Updated: Feb 22, 2013 at 1:07 AM by LaJmOn | Created: Feb 23, 2012 at 2:46 AM by clamont

Sanitizer.GetSafeHtmlFragment() Replaces <br /> with <br>

I have several textareas in which I replace the \r\n with a <br /> tag and when I use GetSafeHtmlFragment() to display my string, it replaces the <br /> tag with a <br> tag and therefore causing th...

Id #17120 | Release: None | Updated: Feb 22, 2013 at 1:07 AM by NickPetrovits | Created: Dec 22, 2011 at 8:55 PM by b471code3

CssEncode doesn't sanitise expression syntax correctly

CssEncode("expression(alert('Hello'))") returns "expression\000028alert\000028\000027Hello\000027\000029\000029"   This looks correct, but unfortunately IE7 and IE8 evaluate / execute the expressio...

Id #16312 | Release: None | Updated: Feb 22, 2013 at 1:07 AM by xumix | Created: Jul 28, 2011 at 10:28 AM by cfl_js