0
Asp.net 4.5,IIS 8HtmlAgilityPackSanitizerProvider无法正常工作吗?
消毒剂甚至没有删除这个简单的脚本
<script>alert('error')</script>
确定这里我的配置
<asp:TextBox ID="txtMessageBody" TextMode="MultiLine" Height="500px" runat="server"
CssClass="MessageSendArea" MaxLength="4000" ClientIDMode="Static" />
<ajaxToolkit:HtmlEditorExtender ID="htmlEditorExtender1" TargetControlID="txtMessageBody"
runat="server" DisplaySourceTab="True">
<Toolbar>
<ajaxToolkit:Undo />
<ajaxToolkit:Redo />
<ajaxToolkit:Bold />
<ajaxToolkit:Italic />
<ajaxToolkit:Underline />
<ajaxToolkit:StrikeThrough />
<ajaxToolkit:Subscript />
<ajaxToolkit:Superscript />
<ajaxToolkit:JustifyLeft />
<ajaxToolkit:JustifyCenter />
<ajaxToolkit:JustifyRight />
<ajaxToolkit:JustifyFull />
<ajaxToolkit:InsertOrderedList />
<ajaxToolkit:InsertUnorderedList />
<ajaxToolkit:CreateLink />
<ajaxToolkit:UnLink />
<ajaxToolkit:RemoveFormat />
<ajaxToolkit:SelectAll />
<ajaxToolkit:UnSelect />
<ajaxToolkit:Delete />
<ajaxToolkit:Cut />
<ajaxToolkit:Copy />
<ajaxToolkit:Paste />
<ajaxToolkit:BackgroundColorSelector />
<ajaxToolkit:ForeColorSelector />
<ajaxToolkit:FontNameSelector />
<ajaxToolkit:FontSizeSelector />
<ajaxToolkit:Indent />
<ajaxToolkit:Outdent />
<ajaxToolkit:InsertHorizontalRule />
<ajaxToolkit:HorizontalSeparator />
</Toolbar>
</ajaxToolkit:HtmlEditorExtender>
这里我webconfig
<configSections>
<sectionGroup name="system.web">
<section name="sanitizer" requirePermission="false" type="AjaxControlToolkit.Sanitizer.ProviderSanitizerSection, AjaxControlToolkit"/>
</sectionGroup>
<trust level="Full"/>
<sanitizer defaultProvider="HtmlAgilityPackSanitizerProvider">
<providers>
<add name="HtmlAgilityPackSanitizerProvider" type="AjaxControlToolkit.Sanitizer.HtmlAgilityPackSanitizerProvider"/>
</providers>
</sanitizer>
这里我检查
if (htmlEditorExtender1.SanitizerProvider == null)
{
Response.Redirect("PostNewPM.aspx");
}
在这里,结果当我发布上述警告文字讯息
<script>alert('error')</script>
,当它被解码以显示给用户
<script>alert('error')</script>