做网站类似留言的时候可以用到的过滤危险字符的方法
路漫漫其修远兮..........
代码如下:
public string NoHTML(string Htmlstring)
{
string strOutput = Htmlstring;
strOutput = Regex.Replace(strOutput, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase);
// strOutput = Regex.Replace(strOutput,@"<(///s*)?!?((/w+:)?/w+)(/w+(/s*=?/s*(([""'])(//[""'tbnr]|[^/7])*?/7|/w+)|.{0})|/s)*?(///s*)?>","",RegexOptions.IgnoreCase);//在个别情况下会引起IIS吃爆CPU的现象
strOutput = Regex.Replace(strOutput, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"([/r/n])[/s]+", "", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"-->", "", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"<!--.*", "", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(quot|#34);", "/"", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(amp|#38);", "&", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(lt|#60);", "<", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(gt|#62);", ">", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(nbsp|#160);", " ", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(iexcl|#161);", "/xa1", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(cent|#162);", "/xa2", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(pound|#163);", "/xa3", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&(copy|#169);", "/xa9", RegexOptions.IgnoreCase);
strOutput = Regex.Replace(strOutput, @"&#(/d+);", "", RegexOptions.IgnoreCase);
strOutput.Replace("<", "");
strOutput.Replace(">", "");
strOutput.Replace("/r/n", "");
strOutput = HttpContext.Current.Server.HtmlEncode(strOutput).Trim();
return strOutput;
}
扫一扫
266
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
