tags:

views:

93

answers:

2
Q: 

Cleanup user input library .NET

Is there a .Net library which everyone uses to validate/cleanup user input from website. It seems like there are a lot of posts explaining which regex people use and when. While I do like to reinvent the wheel quite frequently I draw the line at user input.

Mostly I am not worried about SQL injection, but rather am concerned about html inputs and inputs which I cannot imagine. It would just put a smile on my face for it to work like this:

    string sanitizedInput = InputSanitizer.SanitizeInput(input, SanitizeOption.RemoveHTML 
| SanitizeOption.RemoveSQL);

Anyone have anything like this? (Thanks in advance)

+4  A: 

The latest version of AntiXSS has HTML sanitization functions that MS use internally.

blowdart  2009-09-19 20:56:18
See http://davidhayden.com/blog/dave/archive/2009/09/19/MicrosoftAntiCrossSiteScriptingLibrary31.aspx for a quick tip / micro-overview.
Jesper Mortensen  2009-09-20 07:16:48
A: 

There's xVal:

http://www.codeplex.com/xval

and the Validator toolkit:

http://mvcvalidatortoolkit.codeplex.com/

klabranche  2009-09-19 21:11:25

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?