Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Silicon Investor, under the hood -- Ignore unavailable to you. Want to Upgrade?

To: SI Dave who wrote (63)	11/27/2005 11:48:18 PM
From: SI Dave	Read Replies (2) \| Respond to of 81

I should have mentioned that I'm already looking at TidyLib (HTML Tidy) to see if that will meet our requirements.

To: SI Dave who wrote (63)	11/28/2005 3:07:12 PM
From: Cisco	Read Replies (1) \| Respond to of 81

Dave, couldn't you control positioning of the various page elements through the CSS rather than a bunch of html rules so that regardless of how bad the html the integrity of the page structure would remain? For example, if you want to continue to use tables, place them within various <div> tags and use absolute and relative positioning to maintain page structure.

To: SI Dave who wrote (63)	11/30/2005 7:43:19 PM
From: Tom C	Respond to of 81

The non-compliant html is another issue. The first person to find a free and sufficiently comprehensive HTML stripper I'm going to assume you are talking about the profile page and you don’t mean to disable html altogether since that is easily accomplished using the HttpUtility.HtmlEncode() function. I was going to try this out myself but I haven’t had the time but I’ll throw it out there anyway. Keep in mind this is not compiled or tested. If you want to allow some html tags but not others I would try using the XmlDocument class. HTML is close to XML compliant with some notable exceptions like the <img source=xxx.gif> and <br> tags. In each case you can replace the > with /> to make them compliant. Add you own tags for those plain old text fields after forcing some tags into compliance with XML: xmlDoc.LoadXml(“<Company>” + txtbox.text + “</Company>”) catch any exceptions. If it throws an exception then htmlEncode() the txtbox.text. If it loads then the there are no unclosed tags. Once in the document object you can inspect each of the tags to ensure that they are allowed. System.Xml.XmlNodeList xmlTags = XmlCmdDoc.SelectNodes("/Company"); Loop through the tags and make sure they are allowed. for (int i = 0; i < xmlTags.Count; i++) { if (!InAllowedTagList(xmlTags.Name) ) { return HttpUtility.HtmlEncode (txtbox.text) } } return txtbox.text;