Search Results

Search found 6526 results on 262 pages for 'strip tags'.

Page 36/262 | < Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >

  • Can this be improved? Scrubbing of dangerous html tags.

    - by chobo2
    I've been finding that for something that I consider pretty important there is very little information or libraries on how to deal with this problem. I found this while searching. I really don't know all the million ways that a hacker could try to insert the dangerous tags. I have a rich HTML editor so I need to keep non-dangerous tags but strip out bad ones. So is this script missing anything? It uses Html Agility Pack.

        using HtmlAgilityPack;

        public string ScrubHTML(string html)
        {
            HtmlDocument doc = new HtmlDocument();
            doc.LoadHtml(html);

            //Remove potentially harmful elements
            HtmlNodeCollection nc = doc.DocumentNode.SelectNodes("//script|//link|//iframe|//frameset|//frame|//applet|//object|//embed");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.ParentNode.RemoveChild(node, false);
                }
            }

            //remove hrefs to java/j/vbscript URLs
            nc = doc.DocumentNode.SelectNodes(
                "//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]"
                + "|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]"
                + "|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.SetAttributeValue("href", "#");
                }
            }

            //remove img with refs to java/j/vbscript URLs
            nc = doc.DocumentNode.SelectNodes(
                "//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]"
                + "|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]"
                + "|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.SetAttributeValue("src", "#");
                }
            }

            //remove on<Event> handlers from all tags
            nc = doc.DocumentNode.SelectNodes("//*[@onclick or @onmouseover or @onfocus or @onblur or @onmouseout or @ondoubleclick or @onload or @onunload]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.Attributes.Remove("onFocus");
                    node.Attributes.Remove("onBlur");
                    node.Attributes.Remove("onClick");
                    node.Attributes.Remove("onMouseOver");
                    node.Attributes.Remove("onMouseOut");
                    node.Attributes.Remove("onDoubleClick");
                    node.Attributes.Remove("onLoad");
                    node.Attributes.Remove("onUnload");
                }
            }

            // remove any style attributes that contain the word expression (IE evaluates this as script)
            nc = doc.DocumentNode.SelectNodes("//*[contains(translate(@style, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'expression')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.Attributes.Remove("stYle");
                }
            }

            return doc.DocumentNode.WriteTo();
        }

    Edit: 2 people have suggested whitelisting. I actually like the idea of whitelisting but never actually did it because no one can actually tell me how to do it in C# and I can't even really find tutorials for how to do it in C# (the last time I looked; I will check it out again). How do you make a white list? Is it just a list collection? How do you actually parse out all HTML tags, script tags and every other tag? Once you have the tags how do you determine which ones are allowed? Compare them to your list collection? But what happens if the content is coming in and has like 100 tags and you have 50 allowed? You've got to compare each of those 100 tags against 50 allowed tags. That's quite a bit to go through and could be slow. Once you have found an invalid tag how do you remove it? I don't really want to reject a whole set of text if one tag was found to be invalid. I'd rather remove it and insert the rest. Should I be using Html Agility Pack?

  • python programme.

    - by siva
    Hi, I am Siva. This is the first time I have taken the Python programming language. I have a small problem, please help me. The question is: **Write two functions, called countSubStringMatch and countSubStringMatchRecursive, that take two arguments, a key string and a target string. These functions iteratively and recursively count the number of instances of the key in the target string. You should complete definitions for def countSubStringMatch(target,key): and def countSubStringMatchRecursive (target, key):**

  • using internationalization on list data

    - by singh
    I am using Struts2 in my application. <s:iterator value="listObject"> <s:component template="abc.vm"> <s:param name="text" value="listValue" /> <s:param name="prefix" value="listIndex" /> </s:component> </s:iterator> listValue is a value of the list. I am using an iterator to traverse the list. Now I want to apply internationalization to listValue, so that all the list values can be displayed based on the Locale, which is stored in a list. Please suggest!

  • Posting an action works... but no image

    - by Brian Rice
    I'm able to post an open graph action to facebook using the following url: https://graph.facebook.com/me/video.watches with the following post data: video=http://eqnetwork.com/home/video.html?f=8e7b4f27-8cbd-4430-84df-d9ccb46da45f.mp4 It seems to be getting the title from the open graph metatags at the "video" object. But, it's not getting the image (even though one is specified in the metatag "og:image"). Also, if I add this to the post data: picture=http://eqnetwork.com/icons/mgen/overplayThumbnail.ms?drid=14282&subType=ljpg&w=120&h=120&o=1&thumbnail= still no image. Any thoughts? Brian

  • Validation error while putting <h> tag inside <a> tag(document type does not allow element "h2")

    - by makmour
    When using this code: <div class="menu"> <ul id="mainnav"> <li><h2><a href="dir1/" >AAAAA</a></h2> <ul> <li><a href="dir1/xxx.php"><h3>xxx</h3></a></li> <li><a href="dir1/xxx2.php"><h3>xxx2</h3></a></li> <li><a href="dir1/hxxx3.php"><h3>hxxx3</h3></a></li> </ul> </li> I get an error while validating saying that I should put <h2> outside of <a>. document type does not allow element <h2> When I do this validation passes without any problems but my styling breaks. Is there a way to keep both validation and styling? This is styling for menu and <h2> .menu li a{ font: 100% Helvetica, Arial, sans-serif; display:inline-block; color: #fff; } .menu li a:hover{ color: #014661; background: url('../images/menu1.png') center left no-repeat; } .menu li a h2{ font-size: 92%; padding: 8px 18px; font-weight: bold; text-transform: uppercase; } .menu h3{ font-size: 87%; font-weight: bold; text-transform: uppercase; } .menu li a h2:hover{ background: url('../images/menu2.png') center right no-repeat; }

  • Recommended Meta Elements?

    - by joyce
    Hi everyone! Setting up a "basic framework" for my website projects, I'm wondering which meta elements are really necessary/recommended? In particular, I'd like to know how to deal with the language attribute(s)!? In the following example, I think sth. is repeated unnecessarily... <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta http-equiv="content-style-type" content="text/css" /> <meta http-equiv="content-script-type" content="text/javascript" /> <meta http-equiv="content-language" content="en" /> <meta http-equiv="language" content="en" /> <title> Title </title> <base href="http://www.mydomain.com" /> <meta name="charset" content="utf-8" /> <meta name="content-language" content="en" /> <meta name="language" content="en" /> <meta name="description" content="description" /> <meta name="keywords" content="keywords" /> </head>

  • Get the selected value from a Select box and check that value against an array in the same form

    - by Rob Allen
    I'm new to JSTL/EL and JSP and can't seem to find a reference which covers the following scenario: I have an array of values in JavaScript: var Countries = ['US', 'CA']; I then need to check to see if the currently selected value of a standard HTML select box is in that array. This is what I have so far: <select id="shippingCountry"> <option value="AT">Austria</option> <option value="CA">Canada</option> <option value="DE">Germany</option> //... <option value="US">United States</option> </select> <c:choose> <c:when test=" "> // I don't know what to put in the 'test' case <span class="required">*</span> </c:when> </c:choose>

  • Cannot access implict object from within method in custom JSP tag file

    - by David Hamilton
    I'm attempting to create a custom JSP tag. Everything is working fine, except for the fact that the request seems to be out-of-scope for my custom function. Here is the relevant bit from the .tag file: <%! private String process(String age, BigDecimal amount) { //Attempting to access request here results in a compile-time error trying to: String url=request.getURL; } %> I'm very new to JSP so I'm sure I'm missing something obvious... but I can't seem to figure out what. Any help is appreciated.

  • J2EE: Default values for custom tag attributes

    - by Nick
    So according to Sun's J2EE documentation (http://docs.sun.com/app/docs/doc/819-3669/bnani?l=en&a=view), "If a tag attribute is not required, a tag handler should provide a default value." My question is how in the hell do I define a default value as per the documentation's description. Here's the code: <%@ attribute name="visible" required="false" type="java.lang.Boolean" %> <c:if test="${visible}"> My Tag Contents Here </c:if> Obviously, this tag won't compile because it's lacking the tag directive and the core library import. My point is that I want the "visible" property to default to TRUE. The "tag attribute is not required," so the "tag handler should provide a default value." I want to provide a default value, so what am I missing? Any help is greatly appreciated.

  • How do I make nested regroups in Django?

    - by Marcio Cruz
    I've got the following situation in this system: Each category of products has many subcategories, and each subcategory has many products under it. I'm trying to make a product search, which returns a list, and in my template, I show an overview of the results, like this: Cellphones Dumbphones (2 results) Smartphones (3 results) Monitors CRT (1 result) LCD (3 results) In my template I have only the list of products. I've tried many combinations of nested regroups, without success. Any ideas?

  • How to always return a set number of records when using find_related_tags with acts-as-taggable-on

    - by hadees
    I'm using the acts-as-taggable-on gem and I need to use find_related_tags on my survey model to get back 3 surveys every time. In the event there aren't always 3 related I need to pick however many are related plus some random ones to get to 3. Additionally I have a method I wrote called completed_survey_ids which returns an array of survey_ids that shouldn't be used because the user has already completed them. Also there is a rare case that there won't be enough surveys because the user has completed them all so in that event it is okay to return fewer surveys than requested. I did write a named_scope to handle getting rid of the completed_survey_ids that I think works named_scope :not, lambda { |survey_ids| {:conditions => "id NOT IN (#{survey_ids.join(',')})" } }

  • Wordpress custom post_type templates

    - by roman
    We are currently working on a WordPress page that reuses data from another application. To keep things clean, but still use most WordPress features, we decided to use custom post_type settings (register_post_type) for this data. Now the problem is that while accessing these posts is no problem, the permalinks to them fail with 404s. We currently work around this issue by adding an action to the "template_redirect" hook that essentially performs a query_posts for the name and our custom types. If query_posts found something we load our custom post templates with locate_template. Although this is working, it does not look like a clean solution - can anyone here propose a better way to tackle our problems?

  • Spring MVC - JSP - Place to Store Environment Specific Constants

    - by jboyd
    Where in the Spring-MVC/JSP application would you store things that need to be accessed by both the controllers and views such as environment specific base_url's, application ids to be used in javascript and so on? I've tried creating an application scoped bean and then at the top of my JSPs, but that doesn't seem to be working. <!-- Environment --> <bean id="myEnv" class="com.myapp.MyAppEnvironment" scope="application"> <property name="baseUrl" value="http://localhost:8080/myapp/"/> <property name="videoPlayerId" value="234346565"/> </bean> And using it in the following manner <jsp:useBean id="myEnv" scope="application" type="com.myapp.MyAppEnvironment"/>

  • CMS for managing plain-text content, with tagging

    - by user575606
    Hi, We have some quite-specific requirements for our app that a CMS may help us with, and were hoping that someone may know of a CMS that matches these requirements (it's quite a laborious task to download each CMS and verify this manually). We want a CMS to allow users to create and manage articles, but storing the articles in plain-text only. All of the CMSs that we have looked at so far are geared towards creating HTML pages. We want the CMS to manage workflow (approval process), and tracking of history. The requirements for plain text only is that the intent is to allow business people to generate content which we are going to display in our Silverlight application - we don't want to go down the route of hosting and displaying arbitrary HTML in the app as we want the styling to be seamless with our app, amongst other reasons. We would also want to allow the user to be able to link between articles, but not to external sites (i.e. HTML with no formatting, or some other way of specifying article links), and the third requirement is the ability to tag articles and search on articles. Does anyone know of any non-HTML targeted CMS systems that may match these requirements? Thanks, Gary

  • SVN - When you tag a working copy is it still a cheap copy?

    - by mcdon
    Using Subversion, in my working copy I make a minor modification (update a version number). I would then like to tag my working copy. Would this tag still be a cheap copy with the modification, or would SVN duplicate the files? I would hate to see my repository grow enormously in size because I'm trying to save a version number change. The reason I ask about creating a tag that contains a modification rather than committing then tagging involves my build server. The build server creates a CCNetLabel which I use to update the version numbers of my projects (AssemblyInfo.cs). When the build is successful it creates a tag. When I use ForceBuild the tag is based on the working copy which would contain the modified version number. I want the tag to contain the appropriate version number. note: It's debatable if I'm creating a branch or a tag, however SVN does not make a distinction between the two.

  • How to merge two different child nodes in the same XML file

    - by user814698
    I have an XML file and I would like to merge two different CONTACT child nodes. I have checked these websites; they show how to merge two different XML files into a single file. http://www2.informatik.hu-berlin.de/~obecker/XSLT/#merge Merge XML documents In my case this is my first contact in the XML file: <CONTACT> <PDE-Identity>N65539</PDE-Identity> <FirstName>Arun_niit</FirstName> <LastName>Arun_niit</LastName> <Facebook-ID/> <EMAILS> <EMail> <Type>yahoo</Type> <Value>[email protected]</Value> </EMail> </EMAILS> </CONTACT> This is the second contact in the file: <CONTACT> <PDE-Identity>N65567</PDE-Identity> <FirstName>Arun_niit</FirstName> <LastName>Ramanathan</LastName> <Facebook-ID/> <EMAILS> <EMail> <Type>gmail</Type> <Value>[email protected]</Value> </EMail> <EMail> <Type>yahoo</Type> <Value>[email protected]</Value> </EMail> </EMAILS> </CONTACT> I know both of the contacts belong to the same person. How can I merge these two contacts in the same XML file? Original XML File: <?xml version="1.0" encoding="UTF-8"?> <CONTACTS> <CONTACT> <PDE-Identity>N65539</PDE-Identity> <FirstName>Arun_niit</FirstName> <LastName>Arun_niit</LastName> <Facebook-ID/> <EMAILS> <EMail> <Type>yahoo</Type> <Value>[email protected]</Value> </EMail> </EMAILS> </CONTACT> <CONTACT> <PDE-Identity>N65567</PDE-Identity> <FirstName>Arun_niit</FirstName> <LastName>Ramanathan</LastName> <Facebook-ID/> <EMAILS> <EMail> <Type>gmail</Type> <Value>[email protected]</Value> </EMail> <EMail> <Type>yahoo</Type> <Value>[email protected]</Value> </EMail> </EMAILS> </CONTACT> <CONTACT> <PDE-Identity>N65567</PDE-Identity> <FirstName>Rangarajkarthik</FirstName> <LastName>karthik Rangaraj</LastName> <Facebook-ID/> <EMAILS> <EMail> <Type>gmail</Type> <Value>[email protected]</Value> </EMail> <EMail> <Type>yahoo</Type> <Value>[email protected]</Value> </EMail> </EMAILS> </CONTACT> </CONTACTS>

  • extra new lines with several outputStream.write

    - by Sam
    Hi All, I am writing a JSP to export data in Excel format to the user. An Excel file could be received on the client side. However, since there's a large amount of data, I don't want to keep it in the server memory and write it at the end. I try to divide it and write several times. However, each extra write(..) will cause extra new lines at the top of the Excel worksheet and then the extra data is placed after these new lines. Does anyone know the reason? The code is something like this: response.setHeader("Content-disposition","attachment;filename=DocuShareSearch.xls"); response.setHeader("Content-Type", "application/octet-stream"); responseContent ="<table><tr><td>12131</td></tr>......."; byte[] responseByte1 = responseContent.getBytes("utf-16"); outputStream.write(responseByte1, 0, responseByte1.length ); responseContent =".....<tr><td>12131</td></tr></table>"; byte[] responseByte2 = responseContent.getBytes("utf-16"); outputStream.write(responseByte2, 0, responseByte2.length ); outputStream.close();

  • What other Freemarker JSP Tag libraries are out-there?

    - by Mat Banik
    I have been using Freemarker for a while and found displaytag library very useful. I just wondering if there are any other libraries that could be used in similar means as displaytag, which have been very helpful to you in development: FTL page <#assign display=JspTaglibs["/WEB-INF/tlds/displaytag.tld"]/> <@display.table uid="items" name="items" pagesize=10 class="table"> <@display.column title="Category" property="category.name"/> <@display.column title="Delivery" property="delivery"/> </@display.table> Example of usage would be appreciated since most of the JSP tag libs don't have them.

  • how to get the css keys and values for any html tag

    - by artsince
    I would like to dump all CSS key/value pairs for an HTML tag. In particular, I would like to learn the CSS properties for the <audio> tag, so I can try to customize the look. document.getElementById('myaudio').style returns a CSSStyleDeclaration object but length returns 0 and I cannot figure out how to iterate over the key/value pairs. Thank you
