Asp.net中如何過濾html,js,css代碼

#region/// 過濾html,js,css代碼 /// <summary> /// 過濾html,js,css代碼 /// </summary> /// <param name="html">參數傳入</param> /// <returns></returns> public static string CheckStr(string html) { System.Text.RegularExpressions.Regex regex1 = new System.Text.RegularExpressions.Regex(@"<script[\s\S]+</script *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex2 = new System.Text.RegularExpressions.Regex(@" href *= *[\s\S]*script *:", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex3 = new System.Text.RegularExpressions.Regex(@" no[\s\S]*=", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex4 = new System.Text.RegularExpressions.Regex(@"<iframe[\s\S]+</iframe *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex5 = new System.Text.RegularExpressions.Regex(@"<frameset[\s\S]+</frameset *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex6 = new System.Text.RegularExpressions.Regex(@"\<img[^\>]+\>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex7 = new System.Text.RegularExpressions.Regex(@"</p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex8 = new System.Text.RegularExpressions.Regex(@"<p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex9 = new System.Text.RegularExpressions.Regex(@"<[^>]*>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); html = regex1.Replace(html, ""); //過濾<script></script>標記 html = regex2.Replace(html, ""); //過濾href=javascript: (<A>) 屬性 html = regex3.Replace(html, " _disibledevent="); //過濾其它控件的on...事件 html = regex4.Replace(html, ""); //過濾iframe html = regex5.Replace(html, ""); //過濾frameset html = regex6.Replace(html, ""); //過濾frameset html = regex7.Replace(html, ""); //過濾frameset html = regex8.Replace(html, ""); //過濾frameset html = regex9.Replace(html, ""); html = html.Replace(" ", ""); html = html.Replace("</strong>", ""); html = html.Replace("<strong>", ""); return html; } #endregion #region /// 過濾p /p代碼 /// <summary> /// 過濾p /p代碼 /// </summary> /// <param name="html">參數傳入</param> /// <returns></returns> public static string InputStr(string html) { html = html.Replace(@"\<img[^\>]+\>", ""); html = html.Replace(@"<p>", ""); html = html.Replace(@"</p>", ""); return html; } #endregion /// <summary> /// 截取字符串 /// </summary> /// <param name="str"></param> /// <param name="length"></param> /// <returns></returns> protected string GetLength(string str, int length) { string strR = str; if (str.Length > length) { strR = str.Substring(0, length) + "..."; } return strR; }