Michael Ganss
@@ -61,7 +61,7 @@ namespace Html
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// The default allowed HTTP schemes.
|
||||
/// The default allowed URI schemes.
|
||||
/// </summary>
|
||||
public static readonly IEnumerable<string> DefaultAllowedSchemes = new[] { "http", "https" };
|
||||
|
||||
|
||||
17
README.md
17
README.md
@@ -9,11 +9,26 @@ In order to facilitate different use cases, HtmlSanitizer can be customized at s
|
||||
- Configure allowed HTML tags through the property `AllowedTags`. All other tags will be stripped.
|
||||
- Configure allowed HTML attributes through the property `AllowedAttributes`. All other attributes will be stripped.
|
||||
- Configure allowed CSS property names through the property `AllowedCssProperties`. All other styles will be stripped.
|
||||
- Configure allowed URI schemes through the property `AllowedCssProperties`. All other URIs will be stripped.
|
||||
- Configure allowed URI schemes through the property `AllowedSchemes`. All other URIs will be stripped.
|
||||
- Configure HTML attributes that contain URIs (such as "src", "href" etc.) through the property `UriAttributes`.
|
||||
- Provide a base URI that will be used to resolve relative URIs against.
|
||||
- Cancelable events are raised before a tag, attribute, or style is removed.
|
||||
|
||||
### Tags allowed by default
|
||||
`a, abbr, acronym, address, area, b, big, blockquote, br, button, caption, center, cite, code, col, colgroup, dd, del, dfn, dir, div, dl, dt, em, fieldset, font, form, h1, h2, h3, h4, h5, h6, hr, i, img, input, ins, kbd, label, legend, li, map, menu, ol, optgroup, option, p, pre, q, s, samp, select, small, span, strike, strong, sub, sup, table, tbody, td, textarea, tfoot, th, thead, tr, tt, u, ul, var`
|
||||
|
||||
### Attributes allowed by default
|
||||
`abbr, accept, accept-charset, accesskey, action, align, alt, axis, bgcolor, border, cellpadding, cellspacing, char, charoff, charset, checked, cite, clear, cols, colspan, color, compact, coords, datetime, dir, disabled, enctype, for, frame, headers, height, href, hreflang, hspace, ismap, label, lang, longdesc, maxlength, media, method, multiple, name, nohref, noshade, nowrap, prompt, readonly, rel, rev, rows, rowspan, rules, scope, selected, shape, size, span, src, start, style, summary, tabindex, target, title, type, usemap, valign, value, vspace, width`
|
||||
|
||||
### CSS properties allowed by default
|
||||
`background, background-attachment, background-color, background-image, background-position, background-repeat, border, border-bottom, border-bottom-color, border-bottom-style, border-bottom-width, border-collapse, border-color, border-left, border-left-color, border-left-style, border-left-width, border-right, border-right-color, border-right-style, border-right-width, border-spacing, border-style, border-top, border-top-color, border-top-style, border-top-width, border-width, bottom, caption-side, clear, clip, color, content, counter-increment, counter-reset, cursor, direction, display, empty-cells, float, font, font-family, font-size, font-style, font-variant, font-weight, height, left, letter-spacing, line-height, list-style, list-style-image, list-style-position, list-style-type, margin, margin-bottom, margin-left, margin-right, margin-top, max-height, max-width, min-height, min-width, opacity, orphans, outline, outline-color, outline-style, outline-width, overflow, padding, padding-bottom, padding-left, padding-right, padding-top, page-break-after, page-break-before, page-break-inside, quotes, right, table-layout, text-align, text-decoration, text-indent, text-transform, top, unicode-bidi, vertical-align, visibility, white-space, widows, width, word-spacing, z-index`
|
||||
|
||||
### URI schemes allowed by default
|
||||
``http, https``
|
||||
|
||||
### Default attributes that contain URIs
|
||||
`action, background, dynsrc, href, lowsrc, src`
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
|
||||
Reference in New Issue
Block a user