|
static private Jail ( string untrusted, string clientSideFilterName, string noScriptDownlevelIEWidth, string noScriptDownlevelIEHeight, bool supportNoScriptTables, int maxComplexity, |
||
| untrusted | string | |
| clientSideFilterName | string | |
| noScriptDownlevelIEWidth | string | |
| noScriptDownlevelIEHeight | string | |
| supportNoScriptTables | bool | |
| maxComplexity | int | |
| trustedImageUrlRegex | ||
| spamFreeLinkUrlRegex | ||
| return | string | |
internal static string Jail(string untrusted, string clientSideFilterName,
string noScriptDownlevelIEWidth, string noScriptDownlevelIEHeight,
bool supportNoScriptTables, int maxComplexity,
Regex trustedImageUrlRegex, Regex spamFreeLinkUrlRegex)
{
ScriptJail jail = new ScriptJail(supportNoScriptTables, maxComplexity, trustedImageUrlRegex, spamFreeLinkUrlRegex);
string jailed = null;
try
{
jailed = JailRE.Replace(untrusted, new MatchEvaluator(jail.GuardJail));
// If any untrusted tables are still open, close any open attributes and tags
// and then close all the tables.
if (jail.UntrustedTables > 0)
{
jailed += ParserResetString;
while (jail.UntrustedTables-- > 0)
jailed += "</table>";
}
}
catch (ContentTooComplexException)
{
jailed = "The content that belongs here is too complex to display securely.";
}
return String.Format(Format, clientSideFilterName, jailed,
noScriptDownlevelIEWidth, noScriptDownlevelIEHeight,
maxComplexity,
trustedImageUrlRegex == null ? "null" : "new RegExp(\"" + trustedImageUrlRegex + "\")");
}
public string FilterUntrusted(string untrusted)
{
return(ScriptJail.Jail(untrusted, ClientSideFilterName, NoScriptDownlevelIEWidth, NoScriptDownlevelIEHeight,
SupportNoScriptTables, MaxComplexity, TrustedImageUrlRegex, SpamFreeLinkUrlRegex));
}