Initial commit

2018-05-04 15:39:39 +03:00
parent a3d68b2c0b
commit de57355d06
33 changed files with 13108 additions and 20 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,30 @@
+AntiSamy .NET
+========
+
+A .net standard library for performing configurable cleansing of HTML coming from untrusted sources.
+
+Another way of saying that could be: It's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., 
+that get persisted on the server. The term "malicious code" in regards to web applications usually mean "JavaScript." Mostly, Cascading Stylesheets are only considered malicious 
+when they invoke the JavaScript. However, there are many situations where "normal" HTML and CSS can be used in a malicious manner.
+
+How to Use
+----------
+First, add the dependency from Nuget
+```powershall
+install-package AntiSamy
+```
+
+```csharp
+Policy antiSamyPolicy = Policy.FromFile("<your_antisamy_xml_file_path>")
+AntiSamy antiSamy = new AntiSamy(); 
+string yourDirtyInput = "<DIV><INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\"></DIV>";
+AntiSamyResult result = antiSamy.Scan(yourDirtyInput, antiSamyPolicy);
+
+string cleanHtml = result.CleanHtml; 
+IEnumerable<string> errorMessages = result.ErrorMessages;
+```
+
+Referances
+----------
+
+* [OWASP AntiSamy Project - https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project](https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project)