Create customizable comment encoding method (fixes #525)

mganss · mganss · commit 9254a1337be4 · 2024-02-01T17:38:20.000+01:00
diff --git a/src/HtmlSanitizer/HtmlSanitizer.cs b/src/HtmlSanitizer/HtmlSanitizer.cs
@@ -99,6 +99,11 @@ public HtmlSanitizer(HtmlSanitizerOptions options)
             AllowedAtRules = new HashSet<CssRuleType>(options.AllowedAtRules);
         }
 
+        /// <summary>
+        /// Gets or sets the default <see cref="Action{IComment}"/> method that encodes comments.
+        /// </summary>
+        public Action<IComment> EncodeComment { get; set; } = DefaultEncodeComment;
+
         /// <summary>
         /// Gets or sets the default <see cref="Action{IElement}"/> method that encodes literal text content.
         /// </summary>
@@ -458,9 +463,7 @@ private void RemoveComments(INode context)
         {
             foreach (var comment in GetAllNodes(context).OfType<IComment>().ToList())
             {
-                var escapedText = comment.TextContent.Replace("<", "&lt;").Replace(">", "&gt;");
-                if (escapedText != comment.TextContent)
-                    comment.TextContent = escapedText;
+                EncodeComment(comment);
 
                 var e = new RemovingCommentEventArgs(comment);
                 OnRemovingComment(e);
@@ -470,6 +473,13 @@ private void RemoveComments(INode context)
             }
         }
 
+        private static void DefaultEncodeComment(IComment comment)
+        {
+            var escapedText = comment.TextContent.Replace("<", "&lt;").Replace(">", "&gt;");
+            if (escapedText != comment.TextContent)
+                comment.TextContent = escapedText;
+        }
+
         private static void DefaultEncodeLiteralTextElementContent(IElement tag)
         {
             var escapedHtml = tag.InnerHtml.Replace("<", "&lt;").Replace(">", "&gt;");

Original file line number	Diff line number	Diff line change
`@@ -99,6 +99,11 @@ public HtmlSanitizer(HtmlSanitizerOptions options)`
`99`	`99`	`AllowedAtRules = new HashSet<CssRuleType>(options.AllowedAtRules);`
`100`	`100`	`}`
`101`	`101`
	`102`	`+ /// <summary>`
	`103`	`+ /// Gets or sets the default <see cref="Action{IComment}"/> method that encodes comments.`
	`104`	`+ /// </summary>`
	`105`	`+ public Action<IComment> EncodeComment { get; set; } = DefaultEncodeComment;`
	`106`	`+`
`102`	`107`	`/// <summary>`
`103`	`108`	`/// Gets or sets the default <see cref="Action{IElement}"/> method that encodes literal text content.`
`104`	`109`	`/// </summary>`
`@@ -458,9 +463,7 @@ private void RemoveComments(INode context)`
`458`	`463`	`{`
`459`	`464`	`foreach (var comment in GetAllNodes(context).OfType<IComment>().ToList())`
`460`	`465`	`{`
`461`		`- var escapedText = comment.TextContent.Replace("<", "<").Replace(">", ">");`
`462`		`- if (escapedText != comment.TextContent)`
`463`		`- comment.TextContent = escapedText;`
	`466`	`+ EncodeComment(comment);`
`464`	`467`
`465`	`468`	`var e = new RemovingCommentEventArgs(comment);`
`466`	`469`	`OnRemovingComment(e);`
`@@ -470,6 +473,13 @@ private void RemoveComments(INode context)`
`470`	`473`	`}`
`471`	`474`	`}`
`472`	`475`
	`476`	`+ private static void DefaultEncodeComment(IComment comment)`
	`477`	`+ {`
	`478`	`+ var escapedText = comment.TextContent.Replace("<", "<").Replace(">", ">");`
	`479`	`+ if (escapedText != comment.TextContent)`
	`480`	`+ comment.TextContent = escapedText;`
	`481`	`+ }`
	`482`	`+`
`473`	`483`	`private static void DefaultEncodeLiteralTextElementContent(IElement tag)`
`474`	`484`	`{`
`475`	`485`	`var escapedHtml = tag.InnerHtml.Replace("<", "<").Replace(">", ">");`