Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Improve this question
(My apologies if this exists, but I have not seen a response to this flavor of preventing java script injections)
Detail: All handling would be on server side.
I want my users to be able to post HTML tags in general, but I am looking for a way to limit what tags and effects can by used. Are there any existing solutions online for this? (I do not want to encode my users content.
Yes:
Text + Formatting
Links
Lists
Images
No:
CSS: by ref, by tag or inline
JS: by ref, by tag or inline
IFrames
Objects
Any thoughts?
You could use the HtmlAgilityPack to parse the input from the user as HTML and easily detect and remove unwanted tags.
http://htmlagilitypack.codeplex.com/
When I'm doing sanitization on the client side, I tend to reach for sanitize.js - I believe it has all of what you're looking for and more
https://github.com/gbirke/Sanitize.js/
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I am writing my own theme based on Twitter Bootstrap 3.x and want to be sure that I implement all styles for all elements properly. So I have decided that it would be great to have a html page with all elements included, which I can use as "check list" of what has to be done.
Does anybody have or see such or similar page?
You can go to the twitter bootstrap and get html source and test your css and other functionality there.
This page http://bootswatch.com/default/ has the whole lot on one page. Easier than downloading the official docs, and it's updated when bootstrap changes.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I'd like to display a block of JavaScript code on my website, and have it marked up in such a way that the variables, reserved words, ect, are color coded. I've checked several site for their CSS and JavaScript which is assigning classes and styles to the text, but so far, all of their methods have been sufficiently obfuscated such that I can't utilize their methods. I found and easily implemented a FANTASTIC format tool in JS-Beautify, but it doesn't color code. I saw that he is using code-mirror on his web interface, but was unable to determine how to implement it on my own. Unfortunately, doing an internet search for this isn't helping a lot because when you combine search terms Javascript, code, CSS, format, markup, stylsheet, etc. all kinds of results appear, but none of what I want.
Does anyone know where I can find either a CSS for Javascript code, or a combo of JS & CSS to apply classes/styles to color code my code?
Thanks!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Improve this question
I have an Android app which should be able to display reStructuredText as HTML inside WebView. It already has support for few other markups using javascript libraries. As far as I know, there is no javascript implementation of reStructuredText yet. Most online tools uses docutils or similar as backend but I'd like to do the conversion on client side.
reStructuredText tool support lists a lot of tools and two of them, JRst (Java) and Laika (Scala), might do the trick on Android.
However, for making maintenance easier, I'm still looking for a javascript library which converts reStructuredText to HTML.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I want to know if there's an existing Javascript library for validating HTML, preferably not one that relies on a web API.
The closest I've found to this is John Resig's HTML parser, but that seems to be more about fixing HTML and converting it to XML.
So is there something out there already? And if not, how difficult (and lengthy) would it be to adapt John Resig's parser?
No, there isn't one. However I am writing one: https://github.com/peterjwest/html_validator
You can't validate HTML with Javascript, because Javascript is loaded from within the HTML, which means the HTML is already rendered by the browser, which means all you can see with Javascript is the dom tree. The dom tree is built by the browser, but renders with and 'fixes' invalidations.
In short: What you need to validate HTML, is the HTML source. Javascript has access to the DOM, but not to the source.
edit
And immediately after posting, I'm thinking... You don't mean validating its own page =) You just want to validate a string with a javascript... So ignore this =)
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
What I'm looking for is something similar to this ASP.net Ajax Control.
However, I need a solution that uses only free technologies (e.g. PHP, Javascript).
I like TinyMCE
Have you checked CKEditor (ex FCKEditor). This is one of the most powerful editors. But it depends what your end users are. If they're developers then consider something similar that SO uses (WMD Editor). Much easier and faster to use. SO guys actually changed it to some degree but the original was used at first.
Basically you don't need it to tie to any server-side technology as long as it's programmable on the client side.
Probably the most popular is the FCKeditor - now renamed CKeditor.