Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • adrianfriend 67 posts 68 karma points
    Oct 07, 2009 @ 17:39
    adrianfriend
    0

    Calling global c# method from xslt

    Hi All,

    We would like to use Microsoft AntiXss 3.1 to encode all user input (i.e. in QueryStrings on search & filter pages).

    I have tested this using the following

    <msxml:script language="C#" implements-prefix="lelo">
    <msxml:assembly name="AntiXssLibrary" />
    <msxml:using namespace="Microsoft.Security.Application" />       
    <![CDATA[
    public string antiXss(string querystring)
    {
       return AntiXss.HtmlEncode(querystring);
    }
    ]]>
    </msxml:script>

    As we have many XSLT files I don't really want to add this to each one, is there a more elegant solution?

    Cheers,

    Adrian

    Copy Link
  • Morten Bock 1867 posts 2140 karma points MVP 2x admin c-trib
    Oct 07, 2009 @ 19:27
    Morten Bock
    0

    You could wrap it in an XSLT extension instead. The the reference would automatically be made in all new xslt files. 

    There is a small guide here: http://en.wikibooks.org/wiki/Umbraco/Create_xslt_exstension_like_umbraco.Library_in_C

    Copy Link
  • adrianfriend 67 posts 68 karma points
    Oct 07, 2009 @ 20:00
    adrianfriend
    0

    tak Morten exactly what I was looking for :)

    Copy Link

  • This forum is in read-only mode while we transition to the new forum.

    You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies