I have set the encoderType to "System.Web.Security.AntiXss.AntiXssEncoder,System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" for my project which is a simple ASP .NET 4...
Id #19074 | Release:
None
| Updated: Feb 22 at 12:07 AM by tom35 | Created: Dec 17, 2012 at 3:00 PM by sean986
Whenever i try to upload image in htmleditorextender in IE 10 it hangs up on 1% or stops working another issue is when i press enter for new line, new line goes too far from current cursor position.
Id #18340 | Release:
None
| Updated: Feb 22 at 12:07 AM by saurav_kumar | Created: Jul 10, 2012 at 2:35 AM by saurav_kumar
I have added a Htmleditorextender ajax control to my asp.net web application with putting XSS sanitizer in it for XSS security but now when I retrieve the text from Htmleditorextender the sanitizer...
Id #18339 | Release:
None
| Updated: Mar 12 at 9:51 PM by jmvdbeek | Created: Jul 10, 2012 at 2:28 AM by saurav_kumar
The result from
Sanitizer.GetSafeHtmlFragment("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed nunc tellus, consectetur eget blandit euismod, pharetra a libero. In pretium, sem sed m...
Id #17733 | Release:
None
| Updated: Feb 22 at 12:07 AM by Budsy | Created: Mar 30, 2012 at 12:18 PM by mronnlun
There is no matching source code for what is being released at Microsoft's download site. I can't find source for the current 4.2.1 version
If this is done intentionally, to hide details behind...
Id #17464 | Release:
None
| Updated: Feb 22 at 12:07 AM by LaJmOn | Created: Feb 23, 2012 at 1:46 AM by clamont
When we updated our AntiXss library to 4.2.1 we noticed that our GetSafeHtmlFragment was no longer working. Is it required that we now whitelist any html attributes that we need with the newest rel...
Id #17246 | Release:
None
| Updated: May 8 at 9:57 PM by dvdrom000 | Created: Jan 12, 2012 at 5:27 PM by timwilson
I have several textareas in which I replace the \r\n with a <br /> tag and when I use GetSafeHtmlFragment() to display my string, it replaces the <br /> tag with a <br> tag and therefore causing th...
Id #17120 | Release:
None
| Updated: Feb 22 at 12:07 AM by NickPetrovits | Created: Dec 22, 2011 at 7:55 PM by b471code3
CssEncode("expression(alert('Hello'))") returns "expression\000028alert\000028\000027Hello\000027\000029\000029"
This looks correct, but unfortunately IE7 and IE8 evaluate / execute the expressio...
Id #16312 | Release:
None
| Updated: Feb 22 at 12:07 AM by xumix | Created: Jul 28, 2011 at 9:28 AM by cfl_js
Microsoft.Security.Application.Santizier.GetSafeHtmlFragment("<input type=""text"" />") returns '<input type="text" /> <div></div>' and I would expect it to return '<input type="text" />'
Id #15926 | Release:
None
| Updated: Feb 22 at 12:07 AM by mnty9er | Created: May 27, 2011 at 6:03 PM by mnty9er
Hi,
I am using the latest v4.0. I have:
add AxtiXSSLibrary reference
create AntiXSSEncoder derived from HttpEncoder
override the HtmlEncode method: output.Write(Encoder.HtmlEncode(value));
se...
Id #15622 | Release:
None
| Updated: Feb 22 at 12:07 AM by xumix | Created: Apr 1, 2011 at 1:31 AM by CallMeLaNN